A CWE-787: Out-of-bounds Write vulnerability exists that could cause denial of service when an attacker sends a specially crafted HTTP request to the web server of the device. Affected Product: Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions), Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions), Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions), Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions), Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions)
References
Link | Resource |
---|---|
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-02 | Patch Vendor Advisory |
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-02 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
Configuration 11 (hide)
AND |
|
Configuration 12 (hide)
AND |
|
Configuration 13 (hide)
AND |
|
Configuration 14 (hide)
AND |
|
History
21 Nov 2024, 05:50
Type | Values Removed | Values Added |
---|---|---|
References | () https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-02 - Patch, Vendor Advisory |
10 Apr 2024, 12:28
Type | Values Removed | Values Added |
---|---|---|
First Time |
Schneider-electric modicon M340 Bmxp342020 Firmware
Schneider-electric modicon M340 Bmxp342020 |
|
CPE | cpe:2.3:o:schneider-electric:bmxp342020_firmware:*:*:*:*:*:*:*:* |
cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:*:*:*:*:*:*:*:* |
23 Feb 2022, 19:46
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-02 - Patch, Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 7.5 |
CPE | cpe:2.3:o:schneider-electric:140noc78x00_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:bmxnoc0401:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:140cpu65150_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:tsxp575634:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:tsxp576634_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:bmxnoe0110_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:bmxnor0200h_rtu_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:bmxnor0200h_rtu:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:tsxp575634_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:tsxety5103_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:140noc78x00:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:bmxnoc0401_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:140noc77101_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:140noe771x1_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:bmxp342020_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:140noe771x1:-:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:tsxety5103:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:bmxnoe0100_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:bmxp342020:-:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:bmxnoe0110:-:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:tsxp574634:-:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:tsxp576634:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:tsxp574634_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:140cpu65150:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:tsxety4103_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:140noc77101:-:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:tsxety4103:-:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:bmxnoe0100:-:*:*:*:*:*:*:* |
11 Feb 2022, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-02-11 18:15
Updated : 2024-11-21 05:50
NVD link : CVE-2021-22788
Mitre link : CVE-2021-22788
CVE.ORG link : CVE-2021-22788
JSON object : View
Products Affected
schneider-electric
- bmxnor0200h_rtu_firmware
- tsxety5103
- 140noe771x1
- tsxp576634
- tsxety4103_firmware
- bmxnoe0110
- 140noc78x00
- modicon_m340_bmxp342020_firmware
- tsxety4103
- bmxnoc0401_firmware
- tsxp576634_firmware
- tsxp574634
- 140noe771x1_firmware
- 140cpu65150_firmware
- 140noc78x00_firmware
- bmxnoe0100
- tsxp575634_firmware
- tsxp575634
- bmxnoe0100_firmware
- bmxnor0200h_rtu
- 140noc77101
- tsxety5103_firmware
- tsxp574634_firmware
- 140cpu65150
- bmxnoe0110_firmware
- modicon_m340_bmxp342020
- 140noc77101_firmware
- bmxnoc0401
CWE
CWE-787
Out-of-bounds Write