CVE-2023-6408

< 3.60

CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability exists that could

8.1HIGH

CVE-2021-22786

< 3.40

A CWE-200: Information Exposure vulnerability exists that could cause the exposure of sensitive information stored on the memory o

7.5HIGH

CVE-2022-45789

all versions

A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause execution of unauthorized Modbus function

8.1HIGH

CVE-2022-45788

all versions

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, de

7.5HIGH

CVE-2022-0222

< 3.50

A CWE-269: Improper Privilege Management vulnerability exists that could cause a denial of service of the Ethernet communication o

7.5HIGH

CVE-2022-37300

< 3.50

A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists that could cause unauthorized access in re

9.8CRITICAL

CVE-2021-22788

< 3.40

A CWE-787: Out-of-bounds Write vulnerability exists that could cause denial of service when an attacker sends a specially crafted

7.5HIGH

CVE-2021-22787

< 3.40

A CWE-20: Improper Input Validation vulnerability exists that could cause denial of service of the device when an attacker sends a

7.5HIGH

CVE-2021-22785

< 3.40

A CWE-200: Information Exposure vulnerability exists that could cause sensitive information of files located in the web root direc

7.5HIGH

CVE-2020-7534

all versions

A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists on the web server used, that could cause a leak of sensitive dat

8.8HIGH

CVE-2021-22779

all versions

Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including a

9.1CRITICAL

CVE-2020-7549

< 3.30

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Off

5.3MEDIUM

CVE-2020-7543

< 3.30

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Control

7.5HIGH

CVE-2020-7542

< 3.30

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Control

7.5HIGH

CVE-2020-7541

< 3.30

A CWE-425: Direct Request ('Forced Browsing') vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantu

5.3MEDIUM

CVE-2020-7540

< 3.30

A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modi

9.8CRITICAL

CVE-2020-7539

< 3.30

A CWE-754 Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offe

7.5HIGH

CVE-2020-7537

< 3.30

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Control

7.5HIGH

CVE-2020-7536

< 3.30

A CWE-754:Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M340 CPUs (BMXP34* versions prior t

7.5HIGH

CVE-2020-7535

< 3.30

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal' Vulnerability Type) vulnerability exists i

7.5HIGH

CVE-2019-6855

< 3.20

Incorrect Authorization vulnerability exists in EcoStruxure Control Expert (all versions prior to 14.1 Hot Fix), Unity Pro (all ve

7.3HIGH

CVE-2015-6462

all versions

Reflected Cross-Site Scripting (nonpersistent) allows an attacker to craft a specific URL, which contains Java script that will be

5.4MEDIUM

CVE-2015-6461

all versions

Remote file inclusion allows an attacker to craft a specific URL referencing the Schneider Electric Modicon BMXNOC0401, BMXNOE0100

5.4MEDIUM

CVE-2018-7762

all versions

A vulnerability exists in the web services to process SOAP requests in Schneider Electric's Modicon M340, Modicon Premium, Modicon

7.5HIGH

CVE-2018-7761

all versions

A vulnerability exists in the HTTP request parser in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXN

9.8CRITICAL

CVE-2018-7760

all versions

An authorization bypass vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR020

9.8CRITICAL

CVE-2018-7759

all versions

A buffer overflow vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. The

7.5HIGH

CVE-2018-7242

all versions

Vulnerable hash algorithms exists in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controlle

9.8CRITICAL

CVE-2018-7241

all versions

Hard coded accounts exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in al

9.8CRITICAL

CVE-2017-6017

all versions

A Resource Exhaustion issue was discovered in Schneider Electric Modicon M340 PLC BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H,

7.5HIGH

CVE-2014-0754

all versions

Directory traversal vulnerability in SchneiderWEB on Schneider Electric Modicon PLC Ethernet modules 140CPU65x Exec before 5.5, 14

CVE-2013-2763

all versions

The Schneider Electric M340 PLC modules allow remote attackers to cause a denial of service (resource consumption) via unspecified