Vulnerabilities > Schneider Electric > Modicon M580 Bmep582040S Firmware > 2.90

DATE	CVE	VULNERABILITY TITLE	RISK
2023-02-01	CVE-2021-22786	Information Exposure vulnerability in Schneider-Electric products A CWE-200: Information Exposure vulnerability exists that could cause the exposure of sensitive information stored on the memory of the controller when communicating over the Modbus TCP protocol. network low complexity schneider-electric CWE-200	7.5
2022-11-22	CVE-2022-37301	Integer Underflow (Wrap or Wraparound) vulnerability in Schneider-Electric products A CWE-191: Integer Underflow (Wrap or Wraparound) vulnerability exists that could cause a denial of service of the controller due to memory access violations when using the Modbus TCP protocol. network low complexity schneider-electric CWE-191	7.5
2020-01-06	CVE-2019-6855	Incorrect Authorization vulnerability in Schneider-Electric products Incorrect Authorization vulnerability exists in EcoStruxure Control Expert (all versions prior to 14.1 Hot Fix), Unity Pro (all versions), Modicon M340 (all versions prior to V3.20) , and Modicon M580 (all versions prior to V3.10), which could cause a bypass of the authentication process between EcoStruxure Control Expert and the M340 and M580 controllers. network low complexity schneider-electric CWE-863	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.