Vulnerabilities > Schneider Electric > Modicon M340 Bmxp342030H Firmware > 2.8
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-14 | CVE-2023-6408 | Unspecified vulnerability in Schneider-Electric products CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability exists that could cause a denial of service and loss of confidentiality, integrity of controllers when conducting a Man in the Middle attack. | 8.1 |
| 2023-02-01 | CVE-2021-22786 | Unspecified vulnerability in Schneider-Electric products A CWE-200: Information Exposure vulnerability exists that could cause the exposure of sensitive information stored on the memory of the controller when communicating over the Modbus TCP protocol. | 7.5 |
| 2022-11-22 | CVE-2022-0222 | Improper Privilege Management vulnerability in Schneider-Electric products A CWE-269: Improper Privilege Management vulnerability exists that could cause a denial of service of the Ethernet communication of the controller when sending a specific request over SNMP. | 7.5 |
| 2022-09-12 | CVE-2022-37300 | Unspecified vulnerability in Schneider-Electric products A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists that could cause unauthorized access in read and write mode to the controller when communicating over Modbus. | 9.8 |
| 2017-06-30 | CVE-2017-6017 | Resource Exhaustion vulnerability in Schneider-Electric products A Resource Exhaustion issue was discovered in Schneider Electric Modicon M340 PLC BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP341000, BMXP342000, BMXP3420102, BMXP3420102CL, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, and BMXP342030H. | 7.5 |