Vulnerabilities > Schneider Electric > Modicon M340 Bmxp341000 Firmware > 3.40

DATE	CVE	VULNERABILITY TITLE	RISK
2024-02-14	CVE-2023-6408	Unspecified vulnerability in Schneider-Electric products CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability exists that could cause a denial of service and loss of confidentiality, integrity of controllers when conducting a Man in the Middle attack. network high complexity schneider-electric	8.1
2022-11-22	CVE-2022-0222	Improper Privilege Management vulnerability in Schneider-Electric products A CWE-269: Improper Privilege Management vulnerability exists that could cause a denial of service of the Ethernet communication of the controller when sending a specific request over SNMP. network low complexity schneider-electric CWE-269	7.5
2022-09-12	CVE-2022-37300	Unspecified vulnerability in Schneider-Electric products A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists that could cause unauthorized access in read and write mode to the controller when communicating over Modbus. network low complexity schneider-electric critical	9.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.