A vulnerability exists in the HTTP request parser in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow arbitrary code execution.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HSchneider Electric 140cpu31110
HWSchneider-Electricwszystkie wersjeSchneider Electric 140cpu31110c
HWSchneider-Electricwszystkie wersjeSchneider Electric 140cpu31110c Firmware
OSSchneider-Electricwszystkie wersjeSchneider Electric 140cpu31110 Firmware
OSSchneider-Electricwszystkie wersjeSchneider Electric 140cpu43412u
HWSchneider-Electricwszystkie wersjeSchneider Electric 140cpu43412uc
HWSchneider-Electricwszystkie wersjeSchneider Electric 140cpu43412uc Firmware
OSSchneider-Electricwszystkie wersjeSchneider Electric 140cpu43412u Firmware
OSSchneider-Electricwszystkie wersjeSchneider Electric 140cpu65150
HWSchneider-Electricwszystkie wersjeSchneider Electric 140cpu65150c
HWSchneider-Electricwszystkie wersjeSchneider Electric 140cpu65150c Firmware
OSSchneider-Electricwszystkie wersjeSchneider Electric 140cpu65150 Firmware
OSSchneider-Electricwszystkie wersjeSchneider Electric 140cpu65160
HWSchneider-Electricwszystkie wersjeSchneider Electric 140cpu65160c
HWSchneider-Electricwszystkie wersjeSchneider Electric 140cpu65160c Firmware
OSSchneider-Electricwszystkie wersjeSchneider Electric 140cpu65160 Firmware
OSSchneider-Electricwszystkie wersjeSchneider Electric 140cpu65160s
HWSchneider-Electricwszystkie wersjeSchneider Electric 140cpu65160s Firmware
OSSchneider-Electricwszystkie wersjeSchneider Electric 140cpu65260
HWSchneider-Electricwszystkie wersjeSchneider Electric 140cpu65260c
HWSchneider-Electricwszystkie wersjeSchneider Electric 140cpu65260c Firmware
OSSchneider-Electricwszystkie wersjeSchneider Electric 140cpu65260 Firmware
OSSchneider-Electricwszystkie wersjeSchneider Electric 140cpu65860
HWSchneider-Electricwszystkie wersjeSchneider Electric 140cpu65860c
HWSchneider-Electricwszystkie wersjeSchneider Electric 140cpu65860c Firmware
OSSchneider-Electricwszystkie wersjeSchneider Electric 140cpu65860 Firmware
OSSchneider-Electricwszystkie wersjeSchneider Electric Bmxnor0200
HWSchneider-Electricwszystkie wersjeSchneider Electric Bmxnor0200 Firmware
OSSchneider-Electricwszystkie wersjeSchneider Electric Bmxnor0200h
HWSchneider-Electricwszystkie wersjeSchneider Electric Bmxnor0200h Firmware
OSSchneider-Electricwszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
Related vulnerabilities
CVE-2022-37300CRITICAL9.8ten sam produkt
A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists that could cause unaut...
CVE-2021-22779CRITICAL9.1ten sam produkt
Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all versions prior to V1...
CVE-2020-7540CRITICAL9.8ten sam produkt
A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340...
CVE-2020-7533CRITICAL9.8ten sam produkt
CWE-287: Improper Authentication vulnerability exists which could cause the execution of commands on the webse...
CVE-2018-7241CRITICAL9.8ten sam produkt
Hard coded accounts exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR02...