threat
engine
.sh
Back
·
··:··
Home
/
Product
/
schneider electric modicon m340 bmxp342030 firmware
Product
schneider electric modicon m340 bmxp342030 firmware
17 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2023-6408
< 3.60
CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability exists that could
8.1
HIGH
CVE-2021-22786
< 3.40
A CWE-200: Information Exposure vulnerability exists that could cause the exposure of sensitive information stored on the memory o
7.5
HIGH
CVE-2022-45789
all versions
A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause execution of unauthorized Modbus function
8.1
HIGH
CVE-2022-45788
all versions
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, de
7.5
HIGH
CVE-2022-0222
< 3.50
A CWE-269: Improper Privilege Management vulnerability exists that could cause a denial of service of the Ethernet communication o
7.5
HIGH
CVE-2022-37301
< 3.50
A CWE-191: Integer Underflow (Wrap or Wraparound) vulnerability exists that could cause a denial of service of the controller due
7.5
HIGH
CVE-2022-37300
< 3.50
A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists that could cause unauthorized access in re
9.8
CRITICAL
CVE-2022-22724
all versions
A CWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause a denial of service on ports 80 (HTTP) and 502
7.5
HIGH
CVE-2021-22779
all versions
Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including a
9.1
CRITICAL
CVE-2020-7564
all versions
A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists in the Web Server on Modico
8.8
HIGH
CVE-2020-7563
all versions
A CWE-787: Out-of-bounds Write vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy
8.8
HIGH
CVE-2020-7562
all versions
A CWE-125: Out-of-Bounds Read vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy o
8.1
HIGH
CVE-2015-6462
all versions
Reflected Cross-Site Scripting (nonpersistent) allows an attacker to craft a specific URL, which contains Java script that will be
5.4
MEDIUM
CVE-2015-6461
all versions
Remote file inclusion allows an attacker to craft a specific URL referencing the Schneider Electric Modicon BMXNOC0401, BMXNOE0100
5.4
MEDIUM
CVE-2017-6017
all versions
A Resource Exhaustion issue was discovered in Schneider Electric Modicon M340 PLC BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H,
7.5
HIGH
CVE-2014-0754
all versions
Directory traversal vulnerability in SchneiderWEB on Schneider Electric Modicon PLC Ethernet modules 140CPU65x Exec before 5.5, 14
CVE-2013-2763
all versions
The Schneider Electric M340 PLC modules allow remote attackers to cause a denial of service (resource consumption) via unspecified
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin