CVE-2013-2763

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2013-2763
** DISPUTED ** The Schneider Electric M340 PLC modules allow remote attackers to cause a denial of service (resource consumption) via unspecified vectors. NOTE: the vendor reportedly disputes this issue because it "could not be duplicated" and "an attacker could not remotely exploit this observed behavior to deny PLC control functions."

5.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References
Link Resource
http://ics-cert.us-cert.gov/pdf/ICSA-13-077-01A.pdf Broken Link Third Party Advisory US Government Resource
http://ics-cert.us-cert.gov/pdf/ICSA-13-077-01A.pdf Broken Link Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:schneider-electric:modicon_m340_bmx_noc_0401_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:modicon_m340_bmx_noc_0401:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:schneider-electric:modicon_m340_bmx_noe_0100_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:modicon_m340_bmx_noe_0100:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:schneider-electric:modicon_m340_bmx_noe_0100h_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:modicon_m340_bmx_noe_0100h:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:schneider-electric:modicon_m340_bmx_noe_0110_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:modicon_m340_bmx_noe_0110:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:schneider-electric:modicon_m340_bmx_noe_0110h_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:modicon_m340_bmx_noe_0110h:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:schneider-electric:modicon_m340_bmx_nor_0200h_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:modicon_m340_bmx_nor_0200h:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:schneider-electric:modicon_m340_bmx_p34-2010_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:modicon_m340_bmx_p34-2010:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:schneider-electric:modicon_m340_bmx_p34-2030_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:modicon_m340_bmx_p34-2030:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342010_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:modicon_m340_bmxp342010:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030:-:*:*:*:*:*:*:*
History

21 Nov 2024, 01:52

Type Values Removed Values Added
References () http://ics-cert.us-cert.gov/pdf/ICSA-13-077-01A.pdf - Broken Link, Third Party Advisory, US Government Resource () http://ics-cert.us-cert.gov/pdf/ICSA-13-077-01A.pdf - Broken Link, Third Party Advisory, US Government Resource

31 Jan 2022, 20:31

Type Values Removed Values Added
References (MISC) http://ics-cert.us-cert.gov/pdf/ICSA-13-077-01A.pdf - (MISC) http://ics-cert.us-cert.gov/pdf/ICSA-13-077-01A.pdf - Broken Link, Third Party Advisory, US Government Resource
CPE cpe:2.3:h:se:modicon_m340:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:modicon_m340_bmx_nor_0200h_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:modicon_m340_bmx_noe_0110h:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:modicon_m340_bmx_noe_0100:-:*:*:*:*:*:*:*
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342010_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030:-:*:*:*:*:*:*:*
cpe:2.3:o:schneider-electric:modicon_m340_bmx_p34-2030_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:modicon_m340_bmx_noe_0110:-:*:*:*:*:*:*:*
cpe:2.3:o:schneider-electric:modicon_m340_bmx_noe_0100_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:modicon_m340_bmxp342010:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:modicon_m340_bmx_noc_0401:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:modicon_m340_bmx_noe_0100h:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:modicon_m340_bmx_p34-2010:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:modicon_m340_bmx_nor_0200h:-:*:*:*:*:*:*:*
cpe:2.3:o:schneider-electric:modicon_m340_bmx_p34-2010_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:schneider-electric:modicon_m340_bmx_noc_0401_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:modicon_m340_bmx_p34-2030:-:*:*:*:*:*:*:*
cpe:2.3:o:schneider-electric:modicon_m340_bmx_noe_0110_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:schneider-electric:modicon_m340_bmx_noe_0100h_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:schneider-electric:modicon_m340_bmx_noe_0110h_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030_firmware:-:*:*:*:*:*:*:*
CWE CWE-119 CWE-400

19 Aug 2021, 18:21

Type Values Removed Values Added
CPE cpe:2.3:h:schneider-electric:modicon_m340:-:*:*:*:*:*:*:* cpe:2.3:h:se:modicon_m340:-:*:*:*:*:*:*:*
Information

Published : 2013-04-04 11:58

Updated : 2025-04-11 00:51

NVD link : CVE-2013-2763

Mitre link : CVE-2013-2763

CVE.ORG link : CVE-2013-2763

JSON object : View

Products Affected

schneider-electric

  • modicon_m340_bmx_p34-2010_firmware
  • modicon_m340_bmxp342010
  • modicon_m340_bmxp342030
  • modicon_m340_bmxp342010_firmware
  • modicon_m340_bmx_noe_0100
  • modicon_m340_bmx_nor_0200h_firmware
  • modicon_m340_bmx_noc_0401
  • modicon_m340_bmx_noe_0110h_firmware
  • modicon_m340_bmx_noe_0100h_firmware
  • modicon_m340_bmx_p34-2010
  • modicon_m340_bmx_noc_0401_firmware
  • modicon_m340_bmxp341000
  • modicon_m340_bmx_p34-2030
  • modicon_m340_bmx_noe_0110h
  • modicon_m340_bmx_noe_0110
  • modicon_m340_bmx_noe_0110_firmware
  • modicon_m340_bmx_noe_0100h
  • modicon_m340_bmxp342020
  • modicon_m340_bmxp342020_firmware
  • modicon_m340_bmxp341000_firmware
  • modicon_m340_bmx_noe_0100_firmware
  • modicon_m340_bmx_p34-2030_firmware
  • modicon_m340_bmx_nor_0200h
  • modicon_m340_bmxp342030_firmware
CWE
CWE-400

Uncontrolled Resource Consumption