Vulnerabilities > Schneider Electric > Modicon M340 Bmxp342030 Firmware > High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-02-01	CVE-2021-22786	Unspecified vulnerability in Schneider-Electric products A CWE-200: Information Exposure vulnerability exists that could cause the exposure of sensitive information stored on the memory of the controller when communicating over the Modbus TCP protocol. network low complexity schneider-electric	7.5
2022-11-22	CVE-2022-0222	Improper Privilege Management vulnerability in Schneider-Electric products A CWE-269: Improper Privilege Management vulnerability exists that could cause a denial of service of the Ethernet communication of the controller when sending a specific request over SNMP. network low complexity schneider-electric CWE-269	7.5
2022-02-04	CVE-2022-22724	Unspecified vulnerability in Schneider-Electric products A CWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause a denial of service on ports 80 (HTTP) and 502 (Modbus), when sending a large number of TCP RST or FIN packets to any open TCP port of the PLC. network low complexity schneider-electric	7.5
2017-06-30	CVE-2017-6017	Resource Exhaustion vulnerability in Schneider-Electric products A Resource Exhaustion issue was discovered in Schneider Electric Modicon M340 PLC BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP341000, BMXP342000, BMXP3420102, BMXP3420102CL, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, and BMXP342030H. network low complexity schneider-electric CWE-400	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.