Vulnerabilities > Schneider Electric > Modicon M218 Firmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-11 | CVE-2021-22800 | Unspecified vulnerability in Schneider-Electric Modicon M218 Firmware 4.3/5.0.0.7/5.1.0.6 A CWE-20: Improper Input Validation vulnerability exists that could cause a Denial of Service when a crafted packet is sent to the controller over network port 1105/TCP. | 7.5 |
| 2020-08-31 | CVE-2020-7524 | Unspecified vulnerability in Schneider-Electric Modicon M218 Firmware 4.3/5.0.0.7 Out-of-bounds Write vulnerability exists in Modicon M218 Logic Controller (V5.0.0.7 and prior) which could cause Denial of Service when sending specific crafted IPV4 packet to the controller: Sending a specific IPv4 protocol package to Schneider Electric Modicon M218 Logic Controller can cause IPv4 devices to go down. | 7.5 |
| 2020-06-16 | CVE-2020-7502 | Out-of-bounds Write vulnerability in Schneider-Electric Modicon M218 Firmware 4.3 A CWE-787: Out-of-bounds Write vulnerability exists in Modicon M218 Logic Controller (Firmware version 4.3 and prior), which may cause a Denial of Service when specific TCP/IP crafted packets are sent to the Modicon M218 Logic Controller. | 7.5 |
| 2020-04-22 | CVE-2020-7488 | Cleartext Transmission of Sensitive Information vulnerability in Schneider-Electric products A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists which could leak sensitive information transmitted between the software and the Modicon M218, M241, M251, and M258 controllers. | 7.5 |