Vulnerabilities > Schneider Electric > Modicon M340 Bmxp342010 Firmware > High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-02-01	CVE-2021-22786	Unspecified vulnerability in Schneider-Electric products A CWE-200: Information Exposure vulnerability exists that could cause the exposure of sensitive information stored on the memory of the controller when communicating over the Modbus TCP protocol. network low complexity schneider-electric	7.5
2022-11-22	CVE-2022-0222	Improper Privilege Management vulnerability in Schneider-Electric products A CWE-269: Improper Privilege Management vulnerability exists that could cause a denial of service of the Ethernet communication of the controller when sending a specific request over SNMP. network low complexity schneider-electric CWE-269	7.5
2022-02-04	CVE-2022-22724	Unspecified vulnerability in Schneider-Electric products A CWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause a denial of service on ports 80 (HTTP) and 502 (Modbus), when sending a large number of TCP RST or FIN packets to any open TCP port of the PLC. network low complexity schneider-electric	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.