All the vulnerabilites related to Schneider Electric - Modicon M340 CPU (part numbers BMXP34*)
cve-2022-45789
Vulnerability from cvelistv5
Published
2023-01-31 00:00
Modified
2024-08-03 14:17
Severity ?
EPSS score ?
Summary
A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause execution of unauthorized Modbus functions on the controller when hijacking an authenticated Modbus session. Affected Products: EcoStruxure Control Expert (All Versions), EcoStruxure Process Expert (All Versions), Modicon M340 CPU - part numbers BMXP34* (All Versions), Modicon M580 CPU - part numbers BMEP* and BMEH* (All Versions), Modicon M580 CPU Safety - part numbers BMEP58*S and BMEH58*S (All Versions)
Impacted products
Vendor | Product | Version | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Schneider Electric | EcoStruxure Control Expert |
Version: All Versions |
||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:17:04.077Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-010-06\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2023-010-06_Modicon_Controllers_Security_Notification.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "EcoStruxure Control Expert ", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "All Versions" } ] }, { "defaultStatus": "unaffected", "product": "EcoStruxure Process Expert", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "All Versions" } ] }, { "defaultStatus": "unaffected", "product": "Modicon M340 CPU (part numbers BMXP34*)", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "All Versions" } ] }, { "defaultStatus": "unaffected", "product": "Modicon M580 CPU (part numbers BMEP* and BMEH*) ", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "All Versions" } ] }, { "defaultStatus": "unaffected", "product": "Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58*S)", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "All Versions" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003eA CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause execution of unauthorized Modbus functions on the controller when hijacking an authenticated Modbus session. Affected Products: EcoStruxure Control Expert (All Versions), EcoStruxure Process Expert (All Versions), Modicon M340 CPU - part numbers BMXP34* (All Versions), Modicon M580 CPU - part numbers BMEP* and BMEH* (All Versions), Modicon M580 CPU Safety - part numbers BMEP58*S and BMEH58*S (All Versions)\u003c/p\u003e" } ], "value": "A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause execution of unauthorized Modbus functions on the controller when hijacking an authenticated Modbus session. Affected Products: EcoStruxure Control Expert (All Versions), EcoStruxure Process Expert (All Versions), Modicon M340 CPU - part numbers BMXP34* (All Versions), Modicon M580 CPU - part numbers BMEP* and BMEH* (All Versions), Modicon M580 CPU Safety - part numbers BMEP58*S and BMEH58*S (All Versions)\n\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-294", "description": "CWE-294: Authentication Bypass by Capture-Replay", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-08-09T13:48:11.112Z", "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "shortName": "schneider" }, "references": [ { "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-010-06\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2023-010-06_Modicon_Controllers_Security_Notification.pdf" } ], "source": { "discovery": "UNKNOWN" }, "x_generator": { "engine": "Vulnogram 0.0.9" } } }, "cveMetadata": { "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "assignerShortName": "schneider", "cveId": "CVE-2022-45789", "datePublished": "2023-01-31T00:00:00", "dateReserved": "2022-11-22T00:00:00", "dateUpdated": "2024-08-03T14:17:04.077Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-6408
Vulnerability from cvelistv5
Published
2024-02-14 16:52
Modified
2024-08-02 08:28
Severity ?
EPSS score ?
Summary
CWE-924: Improper Enforcement of Message Integrity During Transmission in a
Communication Channel vulnerability exists that could cause a denial of service and loss of
confidentiality, integrity of controllers when conducting a Man in the Middle attack.
References
Impacted products
Vendor | Product | Version | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Schneider Electric | Modicon M340 CPU (part numbers BMXP34*) |
Version: Versions prior to sv3.60 |
||||||||||||||||
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040c_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040c_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040c_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m580_bmep581020_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m580_bmep581020h_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m580_bmep582020_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m580_bmep582020h_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040h_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m580_bmep583020_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m580_bmep583040_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m580_bmep584020_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m580_bmep584040_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m580_bmep584040s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m580_bmep585040c_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m580_bmep585040_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "modicon_m580_bmep585040_firmware", "vendor": "schneider-electric", "versions": [ { "lessThan": "4.20", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000h_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102cl_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m340_bmx_p34-2010_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342010_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020h_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302cl_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302h_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m340_bmx_p34-2030_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030h_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "modicon_m340_bmxp342030h_firmware", "vendor": "schneider-electric", "versions": [ { "lessThan": "3.60", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040c_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040c_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040c_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040s_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "modicon_m580_bmeh586040s_firmware", "vendor": "schneider-electric", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-6408", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-17T19:15:41.696437Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-17T19:36:47.656Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T08:28:21.776Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-044-01\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2024-044-01.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Modicon M340 CPU (part numbers BMXP34*)", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "Versions prior to sv3.60" } ] }, { "defaultStatus": "unaffected", "product": "Modicon M580 CPU (part numbers BMEP* and BMEH*, excluding M580 CPU Safety)", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "Versions prior to sv4.20" } ] }, { "defaultStatus": "unaffected", "product": "Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58*S)", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "All Versions" } ] }, { "defaultStatus": "unaffected", "product": "EcoStruxure Control Expert", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "Versions prior to v16.0" } ] }, { "defaultStatus": "unaffected", "product": "EcoStruxure Process Expert", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "Versions prior to v2023" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\n\nCWE-924: Improper Enforcement of Message Integrity During Transmission in a\nCommunication Channel vulnerability exists that could cause a denial of service and loss of\nconfidentiality, integrity of controllers when conducting a Man in the Middle attack.\n\n" } ], "value": "\nCWE-924: Improper Enforcement of Message Integrity During Transmission in a\nCommunication Channel vulnerability exists that could cause a denial of service and loss of\nconfidentiality, integrity of controllers when conducting a Man in the Middle attack.\n\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-924", "description": "CWE-924 Improper Enforcement of Message Integrity During Transmission in a Communication Channel", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-02-14T16:52:24.805Z", "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "shortName": "schneider" }, "references": [ { "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-044-01\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2024-044-01.pdf" } ], "source": { "discovery": "UNKNOWN" }, "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "assignerShortName": "schneider", "cveId": "CVE-2023-6408", "datePublished": "2024-02-14T16:52:24.805Z", "dateReserved": "2023-11-30T09:52:30.945Z", "dateUpdated": "2024-08-02T08:28:21.776Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-37301
Vulnerability from cvelistv5
Published
2022-11-22 00:00
Modified
2024-08-03 10:29
Severity ?
EPSS score ?
Summary
A CWE-191: Integer Underflow (Wrap or Wraparound) vulnerability exists that could cause a denial of service of the controller due to memory access violations when using the Modbus TCP protocol. Affected products: Modicon M340 CPU (part numbers BMXP34*)(V3.40 and prior), Modicon M580 CPU (part numbers BMEP* and BMEH*)(V3.22 and prior), Legacy Modicon Quantum/Premium(All Versions), Modicon Momentum MDI (171CBU*)(All Versions), Modicon MC80 (BMKC80)(V1.7 and prior)
References
Impacted products
Vendor | Product | Version | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Schneider Electric | Modicon M340 CPU (part numbers BMXP34*) |
Version: V < |
||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T10:29:20.468Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.se.com/us/en/download/document/SEVD-2022-221-02/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Modicon M340 CPU (part numbers BMXP34*)", "vendor": "Schneider Electric", "versions": [ { "lessThanOrEqual": "3.40", "status": "affected", "version": "V", "versionType": "custom" } ] }, { "product": "Modicon M580 CPU (part numbers BMEP* and BMEH*) ", "vendor": "Schneider Electric", "versions": [ { "lessThanOrEqual": "3.22", "status": "affected", "version": "V", "versionType": "custom" } ] }, { "product": "Legacy Modicon Quantum/Premium", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "All Versions" } ] }, { "product": "Modicon Momentum MDI (171CBU*)", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "All Versions" } ] }, { "product": "Modicon MC80 (BMKC80)", "vendor": "Schneider Electric", "versions": [ { "lessThanOrEqual": "1.7", "status": "affected", "version": "V", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A CWE-191: Integer Underflow (Wrap or Wraparound) vulnerability exists that could cause a denial of service of the controller due to memory access violations when using the Modbus TCP protocol. Affected products: Modicon M340 CPU (part numbers BMXP34*)(V3.40 and prior), Modicon M580 CPU (part numbers BMEP* and BMEH*)(V3.22 and prior), Legacy Modicon Quantum/Premium(All Versions), Modicon Momentum MDI (171CBU*)(All Versions), Modicon MC80 (BMKC80)(V1.7 and prior)" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-191", "description": "CWE-191 Integer Underflow (Wrap or Wraparound)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-22T00:00:00", "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "shortName": "schneider" }, "references": [ { "url": "https://www.se.com/us/en/download/document/SEVD-2022-221-02/" } ], "source": { "discovery": "UNKNOWN" }, "x_generator": { "engine": "Vulnogram 0.0.9" } } }, "cveMetadata": { "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "assignerShortName": "schneider", "cveId": "CVE-2022-37301", "datePublished": "2022-11-22T00:00:00", "dateReserved": "2022-08-01T00:00:00", "dateUpdated": "2024-08-03T10:29:20.468Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-8937
Vulnerability from cvelistv5
Published
2024-11-13 04:17
Modified
2024-11-13 15:27
Severity ?
8.3 (High) - CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
EPSS score ?
Summary
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could
cause a potential arbitrary code execution after a successful Man-In-The Middle attack followed by sending a
crafted Modbus function call to tamper with memory area involved in the authentication process.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Schneider Electric | Modicon M340 CPU (part numbers BMXP34*) |
Version: Versions prior to SV3.65 |
||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-8937", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-13T15:27:46.812909Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-13T15:27:59.982Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Modicon M340 CPU (part numbers BMXP34*)", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "Versions prior to SV3.65" } ] }, { "defaultStatus": "unaffected", "product": "Modicon MC80 (part numbers BMKC80)", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unaffected", "product": "Modicon Momentum Unity M1E Processor (171CBU*)", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "All Versions" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could\ncause a potential arbitrary code execution after a successful Man-In-The Middle attack followed by sending a\ncrafted Modbus function call to tamper with memory area involved in the authentication process.\n\n\n\n\n\n\u003cbr\u003e" } ], "value": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could\ncause a potential arbitrary code execution after a successful Man-In-The Middle attack followed by sending a\ncrafted Modbus function call to tamper with memory area involved in the authentication process." } ], "metrics": [ { "cvssV4_0": { "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "baseScore": 8.3, "baseSeverity": "HIGH", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] }, { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-119", "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-13T04:17:30.614Z", "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "shortName": "schneider" }, "references": [ { "url": "https://download.schneider-electric.com/doc/SEVD-2024-317-03/SEVD-2024-317-03.pdf" } ], "source": { "discovery": "UNKNOWN" }, "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "assignerShortName": "schneider", "cveId": "CVE-2024-8937", "datePublished": "2024-11-13T04:17:30.614Z", "dateReserved": "2024-09-17T07:51:37.095Z", "dateUpdated": "2024-11-13T15:27:59.982Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-22786
Vulnerability from cvelistv5
Published
2023-02-01 00:00
Modified
2024-08-03 18:51
Severity ?
EPSS score ?
Summary
A CWE-200: Information Exposure vulnerability exists that could cause the exposure of sensitive information stored on the memory of the controller when communicating over the Modbus TCP protocol. Affected Products: Modicon M340 CPU (part numbers BMXP34*) (Versions prior to V3.30), Modicon M580 CPU (part numbers BMEP* and BMEH*) (Versions prior to SV3.20), Modicon MC80 (BMKC80) (Versions prior to V1.6), Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58*S) (All Versions), Modicon Momentum MDI (171CBU*) (Versions prior to V2.3), Legacy Modicon Quantum (All Versions)
Impacted products
Vendor | Product | Version | |||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Schneider Electric | Modicon M340 CPU (part numbers BMXP34*) |
Version: All < V3.30 |
||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T18:51:07.574Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-221-04\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-221-04-Modicon_Controllers_Ethernet_Modules_Security_Notification.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Modicon M340 CPU (part numbers BMXP34*)", "vendor": "Schneider Electric", "versions": [ { "lessThan": "V3.30", "status": "affected", "version": "All", "versionType": "custom" } ] }, { "product": "Modicon M580 CPU (part numbers BMEP* and BMEH*)", "vendor": "Schneider Electric", "versions": [ { "lessThan": "V3.20", "status": "affected", "version": "All", "versionType": "custom" } ] }, { "product": "Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58*S)", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "All Versions" } ] }, { "product": "Modicon MC80 (BMKC80)", "vendor": "Schneider Electric", "versions": [ { "lessThan": "V1.6", "status": "affected", "version": "All", "versionType": "custom" } ] }, { "product": "Modicon Momentum CPU (171CBU*)", "vendor": "Schneider Electric", "versions": [ { "lessThan": "V2.3", "status": "affected", "version": "All", "versionType": "custom" } ] }, { "product": "Legacy Modicon Quantum", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "All Versions" } ] } ], "datePublic": "2022-08-09T00:00:00", "descriptions": [ { "lang": "en", "value": "A CWE-200: Information Exposure vulnerability exists that could cause the exposure of sensitive information stored on the memory of the controller when communicating over the Modbus TCP protocol. Affected Products: Modicon M340 CPU (part numbers BMXP34*) (Versions prior to V3.30), Modicon M580 CPU (part numbers BMEP* and BMEH*) (Versions prior to SV3.20), Modicon MC80 (BMKC80) (Versions prior to V1.6), Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58*S) (All Versions), Modicon Momentum MDI (171CBU*) (Versions prior to V2.3), Legacy Modicon Quantum (All Versions)" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-200", "description": "CWE-200 Information Exposure", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-02-01T00:00:00", "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "shortName": "schneider" }, "references": [ { "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-221-04\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-221-04-Modicon_Controllers_Ethernet_Modules_Security_Notification.pdf" } ], "source": { "discovery": "UNKNOWN" }, "x_generator": { "engine": "Vulnogram 0.0.9" } } }, "cveMetadata": { "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "assignerShortName": "schneider", "cveId": "CVE-2021-22786", "datePublished": "2023-02-01T00:00:00", "dateReserved": "2021-01-06T00:00:00", "dateUpdated": "2024-08-03T18:51:07.574Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-8936
Vulnerability from cvelistv5
Published
2024-11-13 04:23
Modified
2024-11-13 15:21
Severity ?
8.3 (High) - CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
EPSS score ?
Summary
CWE-20: Improper Input Validation vulnerability exists that could lead to loss of confidentiality of controller memory
after a successful Man-In-The-Middle attack followed by sending a crafted Modbus function call used to tamper
with memory.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Schneider Electric | Modicon M340 CPU (part numbers BMXP34*) |
Version: Versions prior to SV3.65 |
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-8936", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-13T15:21:17.164381Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-13T15:21:25.836Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Modicon M340 CPU (part numbers BMXP34*)", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "Versions prior to SV3.65" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "CWE-20: Improper Input Validation vulnerability exists that could lead to loss of confidentiality of controller memory\nafter a successful Man-In-The-Middle attack followed by sending a crafted Modbus function call used to tamper\nwith memory.\n\n\n\n\n\n\n\n\n\n\u003cbr\u003e" } ], "value": "CWE-20: Improper Input Validation vulnerability exists that could lead to loss of confidentiality of controller memory\nafter a successful Man-In-The-Middle attack followed by sending a crafted Modbus function call used to tamper\nwith memory." } ], "metrics": [ { "cvssV4_0": { "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "baseScore": 8.3, "baseSeverity": "HIGH", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] }, { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-13T04:23:59.219Z", "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "shortName": "schneider" }, "references": [ { "url": "https://download.schneider-electric.com/doc/SEVD-2024-317-03/SEVD-2024-317-03.pdf" } ], "source": { "discovery": "UNKNOWN" }, "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "assignerShortName": "schneider", "cveId": "CVE-2024-8936", "datePublished": "2024-11-13T04:23:59.219Z", "dateReserved": "2024-09-17T07:48:38.234Z", "dateUpdated": "2024-11-13T15:21:25.836Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-25619
Vulnerability from cvelistv5
Published
2023-04-19 07:53
Modified
2024-08-02 11:25
Severity ?
EPSS score ?
Summary
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that
could cause denial of service of the controller when communicating over the Modbus TCP
protocol.
References
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Schneider Electric | Modicon M340 CPU (part numbers BMXP34*) |
Version: prior to SV3.51 |
||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T11:25:19.427Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-101-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2023-101-05.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Modicon M340 CPU (part numbers BMXP34*) ", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "prior to SV3.51" } ] }, { "defaultStatus": "unaffected", "product": "Modicon M580 CPU (part numbers BMEP* and BMEH*)", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "prior to V4.10" } ] }, { "defaultStatus": "unaffected", "product": "Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58*S)", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "All " } ] }, { "defaultStatus": "unaffected", "product": "Modicon Momentum Unity M1E Processor (171CBU*)", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "All" } ] }, { "defaultStatus": "unaffected", "product": "Modicon MC80 (BMKC80)", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "All" } ] }, { "defaultStatus": "unaffected", "product": "Legacy Modicon Quantum (140CPU65*)", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "All" } ] }, { "defaultStatus": "unaffected", "product": "Legacy Modicon Premium CPUs (TSXP57*)", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "All" } ] } ], "datePublic": "2023-04-10T18:30:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\n\nA CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that\ncould cause denial of service of the controller when communicating over the Modbus TCP\nprotocol. \n\n" } ], "value": "\nA CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that\ncould cause denial of service of the controller when communicating over the Modbus TCP\nprotocol. \n\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-754", "description": "CWE-754 Improper Check for Unusual or Exceptional Conditions", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-12T03:15:17.732918Z", "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "shortName": "schneider" }, "references": [ { "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-101-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2023-101-05.pdf" } ], "source": { "discovery": "UNKNOWN" }, "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "assignerShortName": "schneider", "cveId": "CVE-2023-25619", "datePublished": "2023-04-19T07:53:15.405Z", "dateReserved": "2023-02-09T13:42:27.387Z", "dateUpdated": "2024-08-02T11:25:19.427Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-8938
Vulnerability from cvelistv5
Published
2024-11-13 04:20
Modified
2024-11-13 15:26
Severity ?
9.2 (Critical) - CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS score ?
Summary
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could
cause a potential arbitrary code execution after a successful Man-In-The-Middle attack followed by sending a
crafted Modbus function call to tamper with memory area involved in memory size computation.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Schneider Electric | Modicon M340 CPU (part numbers BMXP34*) |
Version: Versions prior to SV3.65 |
||||||||
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:h:schneider-electric:modicon_m340:-:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "modicon_m340", "vendor": "schneider-electric", "versions": [ { "lessThan": "SV3.65", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:schneider-electric:modicon_mc80:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "modicon_mc80", "vendor": "schneider-electric", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:schneider-electric:modicon_momentum_unity_m1e_processor:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "modicon_momentum_unity_m1e_processor", "vendor": "schneider-electric", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-8938", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-11-13T15:22:57.719928Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-13T15:26:23.491Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Modicon M340 CPU (part numbers BMXP34*)", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "Versions prior to SV3.65" } ] }, { "defaultStatus": "unaffected", "product": "Modicon MC80 (part numbers BMKC80)", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unaffected", "product": "Modicon Momentum Unity M1E Processor (171CBU*)", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "All Versions" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could\ncause a potential arbitrary code execution after a successful Man-In-The-Middle attack followed by sending a\ncrafted Modbus function call to tamper with memory area involved in memory size computation.\n\n\n\n\n\n\n\n\u003cbr\u003e" } ], "value": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could\ncause a potential arbitrary code execution after a successful Man-In-The-Middle attack followed by sending a\ncrafted Modbus function call to tamper with memory area involved in memory size computation." } ], "metrics": [ { "cvssV4_0": { "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "baseScore": 9.2, "baseSeverity": "CRITICAL", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] }, { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-119", "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-13T04:20:19.875Z", "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "shortName": "schneider" }, "references": [ { "url": "https://download.schneider-electric.com/doc/SEVD-2024-317-03/SEVD-2024-317-03.pdf" } ], "source": { "discovery": "UNKNOWN" }, "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "assignerShortName": "schneider", "cveId": "CVE-2024-8938", "datePublished": "2024-11-13T04:20:19.875Z", "dateReserved": "2024-09-17T07:54:07.817Z", "dateUpdated": "2024-11-13T15:26:23.491Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-45788
Vulnerability from cvelistv5
Published
2023-01-30 00:00
Modified
2024-08-03 14:17
Severity ?
EPSS score ?
Summary
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxure Control Expert (All Versions), EcoStruxure Process Expert (All Versions), Modicon M340 CPU - part numbers BMXP34* (All Versions), Modicon M580 CPU - part numbers BMEP* and BMEH* (All Versions), Modicon M580 CPU Safety - part numbers BMEP58*S and BMEH58*S (All Versions), Modicon Momentum Unity M1E Processor - 171CBU* (All Versions), Modicon MC80 - BMKC80 (All Versions), Legacy Modicon Quantum - 140CPU65* and Premium CPUs - TSXP57* (All Versions)
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Schneider Electric | EcoStruxure Control Expert |
Version: All Versions |
||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:17:04.131Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-010-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2023-010-05_Modicon_Controllers_Security_Notification.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "EcoStruxure Control Expert ", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "All Versions" } ] }, { "defaultStatus": "unaffected", "product": "EcoStruxure Process Expert", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "All Versions" } ] }, { "defaultStatus": "unaffected", "product": "Modicon M340 CPU (part numbers BMXP34*)", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "All Versions" } ] }, { "defaultStatus": "unaffected", "product": "Modicon M580 CPU (part numbers BMEP* and BMEH*) ", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "All Versions" } ] }, { "defaultStatus": "unaffected", "product": "Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58*S)", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "All Versions" } ] }, { "defaultStatus": "unaffected", "product": "Modicon Momentum Unity M1E Processor (171CBU*)", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "All Versions" } ] }, { "defaultStatus": "unaffected", "product": "Modicon MC80 (BMKC80)", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "All Versions" } ] }, { "defaultStatus": "unaffected", "product": "Legacy Modicon Quantum (140CPU65*) and Premium CPUs (TSXP57*)", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "All Versions" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003eA CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality \u0026amp; integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxure Control Expert (All Versions), EcoStruxure Process Expert (All Versions), Modicon M340 CPU - part numbers BMXP34* (All Versions), Modicon M580 CPU - part numbers BMEP* and BMEH* (All Versions), Modicon M580 CPU Safety - part numbers BMEP58*S and BMEH58*S (All Versions), Modicon Momentum Unity M1E Processor - 171CBU* (All Versions), Modicon MC80 - BMKC80 (All Versions), Legacy Modicon Quantum - 140CPU65* and Premium CPUs - TSXP57* (All Versions)\u003c/p\u003e" } ], "value": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality \u0026 integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxure Control Expert (All Versions), EcoStruxure Process Expert (All Versions), Modicon M340 CPU - part numbers BMXP34* (All Versions), Modicon M580 CPU - part numbers BMEP* and BMEH* (All Versions), Modicon M580 CPU Safety - part numbers BMEP58*S and BMEH58*S (All Versions), Modicon Momentum Unity M1E Processor - 171CBU* (All Versions), Modicon MC80 - BMKC80 (All Versions), Legacy Modicon Quantum - 140CPU65* and Premium CPUs - TSXP57* (All Versions)\n\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-754", "description": "CWE-754 Improper Check for Unusual or Exceptional Conditions", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-08-09T13:43:07.202Z", "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "shortName": "schneider" }, "references": [ { "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-010-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2023-010-05_Modicon_Controllers_Security_Notification.pdf" } ], "source": { "discovery": "UNKNOWN" }, "x_generator": { "engine": "Vulnogram 0.0.9" } } }, "cveMetadata": { "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "assignerShortName": "schneider", "cveId": "CVE-2022-45788", "datePublished": "2023-01-30T00:00:00", "dateReserved": "2022-11-22T00:00:00", "dateUpdated": "2024-08-03T14:17:04.131Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-25620
Vulnerability from cvelistv5
Published
2023-04-19 08:17
Modified
2024-08-02 11:25
Severity ?
EPSS score ?
Summary
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that
could cause denial of service of the controller when a malicious project file is loaded onto the
controller by an authenticated user.
References
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Schneider Electric | Modicon M340 CPU (part numbers BMXP34*) |
Version: prior to SV3.51 |
||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T11:25:19.224Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-101-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2023-101-05.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Modicon M340 CPU (part numbers BMXP34*) ", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "prior to SV3.51" } ] }, { "defaultStatus": "unaffected", "product": "Modicon M580 CPU (part numbers BMEP* and BMEH*)", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "prior to V4.10" } ] }, { "defaultStatus": "unaffected", "product": "Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58*S)", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "All " } ] }, { "defaultStatus": "unaffected", "product": "Modicon Momentum Unity M1E Processor (171CBU*)", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "All" } ] }, { "defaultStatus": "unaffected", "product": "Modicon MC80 (BMKC80)", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "All" } ] }, { "defaultStatus": "unaffected", "product": "Legacy Modicon Quantum (140CPU65*)", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "All" } ] }, { "defaultStatus": "unaffected", "product": "Legacy Modicon Premium CPUs (TSXP57*)", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "All" } ] } ], "datePublic": "2023-04-10T18:30:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\n\n\n\nA CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that\ncould cause denial of service of the controller when a malicious project file is loaded onto the\ncontroller by an authenticated user. \n\n \n\n" } ], "value": "\n\n\nA CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that\ncould cause denial of service of the controller when a malicious project file is loaded onto the\ncontroller by an authenticated user. \n\n \n\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-754", "description": "CWE-754 Improper Check for Unusual or Exceptional Conditions", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-12T03:15:17.732918Z", "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "shortName": "schneider" }, "references": [ { "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-101-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2023-101-05.pdf" } ], "source": { "discovery": "UNKNOWN" }, "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "assignerShortName": "schneider", "cveId": "CVE-2023-25620", "datePublished": "2023-04-19T08:17:57.240Z", "dateReserved": "2023-02-09T13:42:27.387Z", "dateUpdated": "2024-08-02T11:25:19.224Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-8933
Vulnerability from cvelistv5
Published
2024-11-13 04:06
Modified
2024-11-13 15:34
Severity ?
7.5 (High) - CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS score ?
Summary
CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel
vulnerability exists that could cause retrieval of password hash that could lead to denial of service and loss of
confidentiality and integrity of controllers. To be successful, the attacker needs to inject themself inside the
logical network while a valid user uploads or downloads a project file into the controller.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Schneider Electric | Modicon M340 CPU (part numbers BMXP34*) |
Version: All versions |
||||||||
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:h:schneider-electric:modicon_m340:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "modicon_m340", "vendor": "schneider-electric", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:schneider-electric:modicon_mc80:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "modicon_mc80", "vendor": "schneider-electric", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:schneider-electric:modicon_momentum_unity_m1e_processor:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "modicon_momentum_unity_m1e_processor", "vendor": "schneider-electric", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-8933", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-11-13T15:32:16.482241Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-13T15:34:19.535Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Modicon M340 CPU (part numbers BMXP34*)", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unaffected", "product": "Modicon MC80 (part numbers BMKC80)", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unaffected", "product": "Modicon Momentum Unity M1E Processor (171CBU*)", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "All Versions" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel\nvulnerability exists that could cause retrieval of password hash that could lead to denial of service and loss of\nconfidentiality and integrity of controllers. To be successful, the attacker needs to inject themself inside the\nlogical network while a valid user uploads or downloads a project file into the controller.\n\n\u003cbr\u003e" } ], "value": "CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel\nvulnerability exists that could cause retrieval of password hash that could lead to denial of service and loss of\nconfidentiality and integrity of controllers. To be successful, the attacker needs to inject themself inside the\nlogical network while a valid user uploads or downloads a project file into the controller." } ], "metrics": [ { "cvssV4_0": { "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "baseScore": 7.5, "baseSeverity": "HIGH", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "ACTIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] }, { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-924", "description": "CWE-924 Improper Enforcement of Message Integrity During Transmission in a Communication Channel", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-13T04:06:09.279Z", "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "shortName": "schneider" }, "references": [ { "url": "https://download.schneider-electric.com/doc/SEVD-2024-317-02/SEVD-2024-317-02.pdf" } ], "source": { "discovery": "UNKNOWN" }, "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "assignerShortName": "schneider", "cveId": "CVE-2024-8933", "datePublished": "2024-11-13T04:06:09.279Z", "dateReserved": "2024-09-17T07:30:30.190Z", "dateUpdated": "2024-11-13T15:34:19.535Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-8935
Vulnerability from cvelistv5
Published
2024-11-13 04:10
Modified
2024-11-13 15:31
Severity ?
7.7 (High) - CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS score ?
Summary
CWE-290: Authentication Bypass by Spoofing vulnerability exists that could cause a denial of service and loss
of confidentiality and integrity of controllers when conducting a Man-In-The-Middle attack between the
controller and the engineering workstation while a valid user is establishing a communication session. This
vulnerability is inherent to Diffie Hellman algorithm which does not protect against Man-In-The-Middle attacks.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Schneider Electric | Modicon M340 CPU (part numbers BMXP34*) |
Version: All versions since SV3.60 |
||||||||
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "modicon_m340_bmxp341000", "vendor": "schneider-electric", "versions": [ { "lessThan": "*", "status": "affected", "version": "SV3.60", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8020301:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "modicon_mc80_bmkc8020301", "vendor": "schneider-electric", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:schneider-electric:modicon_momentum_unity_m1e_processor:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "modicon_momentum_unity_m1e_processor", "vendor": "schneider-electric", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-8935", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-11-13T15:29:17.598927Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-13T15:31:54.906Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Modicon M340 CPU (part numbers BMXP34*)", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "All versions since SV3.60" } ] }, { "defaultStatus": "unaffected", "product": "Modicon MC80 (part numbers BMKC80)", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unaffected", "product": "Modicon Momentum Unity M1E Processor (171CBU*)", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "All Versions" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "CWE-290: Authentication Bypass by Spoofing vulnerability exists that could cause a denial of service and loss\nof confidentiality and integrity of controllers when conducting a Man-In-The-Middle attack between the\ncontroller and the engineering workstation while a valid user is establishing a communication session. This\nvulnerability is inherent to Diffie Hellman algorithm which does not protect against Man-In-The-Middle attacks.\n\n\n\n\u003cbr\u003e" } ], "value": "CWE-290: Authentication Bypass by Spoofing vulnerability exists that could cause a denial of service and loss\nof confidentiality and integrity of controllers when conducting a Man-In-The-Middle attack between the\ncontroller and the engineering workstation while a valid user is establishing a communication session. This\nvulnerability is inherent to Diffie Hellman algorithm which does not protect against Man-In-The-Middle attacks." } ], "metrics": [ { "cvssV4_0": { "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "baseScore": 7.7, "baseSeverity": "HIGH", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] }, { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-290", "description": "CWE-290 Authentication Bypass by Spoofing", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-13T04:10:09.599Z", "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "shortName": "schneider" }, "references": [ { "url": "https://download.schneider-electric.com/doc/SEVD-2024-317-02/SEVD-2024-317-02.pdf" } ], "source": { "discovery": "UNKNOWN" }, "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "assignerShortName": "schneider", "cveId": "CVE-2024-8935", "datePublished": "2024-11-13T04:10:09.599Z", "dateReserved": "2024-09-17T07:47:01.855Z", "dateUpdated": "2024-11-13T15:31:54.906Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }