Vulnerabilities > Schneider Electric > Modicon M340 Bmxp342020H Firmware

DATE CVE VULNERABILITY TITLE RISK
2018-04-18 CVE-2018-7242 Inadequate Encryption Strength vulnerability in Schneider-Electric products
Vulnerable hash algorithms exists in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules.
network
low complexity
schneider-electric CWE-326
critical
9.8
2018-04-18 CVE-2018-7241 Use of Hard-coded Credentials vulnerability in Schneider-Electric products
Hard coded accounts exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules.
network
low complexity
schneider-electric CWE-798
critical
9.8
2017-06-30 CVE-2017-6017 Resource Exhaustion vulnerability in Schneider-Electric products
A Resource Exhaustion issue was discovered in Schneider Electric Modicon M340 PLC BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP341000, BMXP342000, BMXP3420102, BMXP3420102CL, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, and BMXP342030H.
network
low complexity
schneider-electric CWE-400
7.5
2014-10-03 CVE-2014-0754 Path Traversal vulnerability in Schneider-Electric products
Directory traversal vulnerability in SchneiderWEB on Schneider Electric Modicon PLC Ethernet modules 140CPU65x Exec before 5.5, 140NOC78x Exec before 1.62, 140NOE77x Exec before 6.2, BMXNOC0401 before 2.05, BMXNOE0100 before 2.9, BMXNOE0110x Exec before 6.0, TSXETC101 Exec before 2.04, TSXETY4103x Exec before 5.7, TSXETY5103x Exec before 5.9, TSXP57x ETYPort Exec before 5.7, and TSXP57x Ethernet Copro Exec before 5.5 allows remote attackers to visit arbitrary resources via a crafted HTTP request.
network
low complexity
schneider-electric CWE-22
critical
10.0