threat
engine
.sh
Back
·
··:··
Home
/
Product
/
schneider electric modicon m340 bmxp3420302 firmware
Product
schneider electric modicon m340 bmxp3420302 firmware
28 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2023-6408
< 3.60
CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability exists that could
8.1
HIGH
CVE-2021-22786
< 3.40
A CWE-200: Information Exposure vulnerability exists that could cause the exposure of sensitive information stored on the memory o
7.5
HIGH
CVE-2022-45789
all versions
A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause execution of unauthorized Modbus function
8.1
HIGH
CVE-2022-45788
all versions
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, de
7.5
HIGH
CVE-2022-0222
< 3.50
A CWE-269: Improper Privilege Management vulnerability exists that could cause a denial of service of the Ethernet communication o
7.5
HIGH
CVE-2022-37300
< 3.50
A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists that could cause unauthorized access in re
9.8
CRITICAL
CVE-2022-22724
all versions
A CWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause a denial of service on ports 80 (HTTP) and 502
7.5
HIGH
CVE-2020-7549
< 3.30
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Off
5.3
MEDIUM
CVE-2020-7543
< 3.30
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Control
7.5
HIGH
CVE-2020-7542
< 3.30
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Control
7.5
HIGH
CVE-2020-7541
< 3.30
A CWE-425: Direct Request ('Forced Browsing') vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantu
5.3
MEDIUM
CVE-2020-7540
< 3.30
A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modi
9.8
CRITICAL
CVE-2020-7539
< 3.30
A CWE-754 Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offe
7.5
HIGH
CVE-2020-7537
< 3.30
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Control
7.5
HIGH
CVE-2020-7536
< 3.30
A CWE-754:Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M340 CPUs (BMXP34* versions prior t
7.5
HIGH
CVE-2020-7535
< 3.30
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal' Vulnerability Type) vulnerability exists i
7.5
HIGH
CVE-2020-7533
< 3.20
CWE-287: Improper Authentication vulnerability exists which could cause the execution of commands on the webserver without authent
9.8
CRITICAL
CVE-2019-6855
< 3.20
Incorrect Authorization vulnerability exists in EcoStruxure Control Expert (all versions prior to 14.1 Hot Fix), Unity Pro (all ve
7.3
HIGH
CVE-2015-6462
all versions
Reflected Cross-Site Scripting (nonpersistent) allows an attacker to craft a specific URL, which contains Java script that will be
5.4
MEDIUM
CVE-2015-6461
all versions
Remote file inclusion allows an attacker to craft a specific URL referencing the Schneider Electric Modicon BMXNOC0401, BMXNOE0100
5.4
MEDIUM
CVE-2018-7762
all versions
A vulnerability exists in the web services to process SOAP requests in Schneider Electric's Modicon M340, Modicon Premium, Modicon
7.5
HIGH
CVE-2018-7761
all versions
A vulnerability exists in the HTTP request parser in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXN
9.8
CRITICAL
CVE-2018-7760
all versions
An authorization bypass vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR020
9.8
CRITICAL
CVE-2018-7759
all versions
A buffer overflow vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. The
7.5
HIGH
CVE-2018-7242
all versions
Vulnerable hash algorithms exists in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controlle
9.8
CRITICAL
CVE-2018-7241
all versions
Hard coded accounts exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in al
9.8
CRITICAL
CVE-2017-6017
all versions
A Resource Exhaustion issue was discovered in Schneider Electric Modicon M340 PLC BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H,
7.5
HIGH
CVE-2014-0754
all versions
Directory traversal vulnerability in SchneiderWEB on Schneider Electric Modicon PLC Ethernet modules 140CPU65x Exec before 5.5, 14
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin