cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-34763,https://securityvulnerability.io/vulnerability/CVE-2022-34763,Insufficient Data Authenticity Verification in X80 Advanced RTU Communication Module by Schneider Electric,"A vulnerability exists in Schneider Electric’s X80 advanced RTU Communication Module and OPC UA Modicon Communication Module, stemming from insufficient verification of data authenticity. This flaw allows unauthorized firmware images to be loaded, potentially compromising the integrity of the devices. The issue affects specific versions of the communication modules, emphasizing the need for users to ensure firmware authenticity to safeguard against security breaches.",Schneider Electric,"Opc Ua Modicon Communication Module,X80 Advanced Rtu Communication Module",5.9,MEDIUM,0.0007300000288523734,false,,false,false,false,,,false,false,,2022-07-13T21:15:00.000Z,0
CVE-2022-34762,https://securityvulnerability.io/vulnerability/CVE-2022-34762,Path Traversal Vulnerability in Schneider Electric X80 and OPC UA Communication Modules,"A vulnerability exists in the X80 Advanced RTU Communication Module and OPC UA Modicon Communication Module due to improper path restrictions. This weakness allows unauthorized loading of firmware images by targeting the firmware image path, potentially leading to the execution of unsigned firmware. Both the affected modules can be exploited by malicious users who manipulate the path, compromising the integrity and security of the systems. It is crucial for users of these products to implement security measures and updates to mitigate the risks associated with this vulnerability.",Schneider Electric,"Opc Ua Modicon Communication Module,X80 Advanced Rtu Communication Module",5.9,MEDIUM,0.0008399999933317304,false,,false,false,false,,,false,false,,2022-07-13T21:15:00.000Z,0
CVE-2022-34764,https://securityvulnerability.io/vulnerability/CVE-2022-34764,Buffer Overflow Vulnerability in Schneider Electric's Communication Modules,"A vulnerability exists in Schneider Electric's X80 advanced RTU Communication Module and OPC UA Modicon Communication Module that allows for improper restrictions during URL parsing. This flaw can potentially lead to a denial of service, adversely affecting system availability and reliability. Affected versions of the products must be patched to mitigate the risk associated with this vulnerability effectively.",Schneider Electric,"Opc Ua Modicon Communication Module,X80 Advanced Rtu Communication Module",5.9,MEDIUM,0.0008800000068731606,false,,false,false,false,,,false,false,,2022-07-13T21:15:00.000Z,0
CVE-2022-34761,https://securityvulnerability.io/vulnerability/CVE-2022-34761,NULL Pointer Dereference Vulnerability in X80 Advanced RTU and OPC UA Modicon Modules by Schneider Electric,"A NULL Pointer Dereference vulnerability has been identified in Schneider Electric's X80 Advanced RTU Communication Module and OPC UA Modicon Communication Module. This vulnerability can result in a denial of service condition, particularly when the webserver processes JSON content. Affected versions of the X80 module include V2.01 and later, while the OPC UA module is susceptible in versions V1.10 and prior. Users of these products are advised to take necessary precautions to mitigate potential impacts.",Schneider Electric,"Opc Ua Modicon Communication Module,X80 Advanced Rtu Communication Module",7.5,HIGH,0.000859999970998615,false,,false,false,false,,,false,false,,2022-07-13T21:15:00.000Z,0
CVE-2022-34759,https://securityvulnerability.io/vulnerability/CVE-2022-34759,Out-of-Bounds Write Vulnerability in Schneider Electric's Communication Modules,"An out-of-bounds write vulnerability exists in Schneider Electric's X80 Advanced RTU Communication Module and OPC UA Modicon Communication Module. This issue arises from improper parsing of HTTP headers, potentially leading to a denial of service for the web server. Attackers could exploit this vulnerability to disrupt services, affecting the availability and reliability of critical communication functions in these modules.",Schneider Electric,"Opc Ua Modicon Communication Module,X80 Advanced Rtu Communication Module",7.5,HIGH,0.0008800000068731606,false,,false,false,false,,,false,false,,2022-07-13T21:15:00.000Z,0
CVE-2022-34760,https://securityvulnerability.io/vulnerability/CVE-2022-34760,Infinite Loop Vulnerability in Schneider Electric X80 RTU and OPC UA Modicon,"A vulnerability exists in Schneider Electric's X80 Advanced RTU Communication Module and OPC UA Modicon Communication Module, where improper handling of cookies can lead to an infinite loop scenario. This could result in a denial of service of the associated web server, compromising availability and potentially impacting users reliant on these systems for critical operations.",Schneider Electric,"Opc Ua Modicon Communication Module,X80 Advanced Rtu Communication Module",7.5,HIGH,0.000910000002477318,false,,false,false,false,,,false,false,,2022-07-13T21:15:00.000Z,0
CVE-2022-34765,https://securityvulnerability.io/vulnerability/CVE-2022-34765,External Control of File Name or Path Vulnerability in Schneider Electric's Communication Modules,A vulnerability exists in Schneider Electric's X80 Advanced RTU Communication Module and OPC UA Modicon Communication Module that allows external control of file names or paths. This could lead to unauthorized firmware images being loaded when user-controlled data is written to sensitive file paths. Users utilizing these modules should take preventive measures to protect against potential exploitation of this flaw.,Schneider Electric,"Opc Ua Modicon Communication Module,X80 Advanced Rtu Communication Module",5.5,MEDIUM,0.0007300000288523734,false,,false,false,false,,,false,false,,2022-07-12T00:00:00.000Z,0