Vulnerabilities > Schneider Electric > Modicon M580 Bmep586040 Firmware > 3.20

DATE	CVE	VULNERABILITY TITLE	RISK
2024-02-14	CVE-2023-6408	Unspecified vulnerability in Schneider-Electric products CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability exists that could cause a denial of service and loss of confidentiality, integrity of controllers when conducting a Man in the Middle attack. network high complexity schneider-electric	8.1
2022-11-22	CVE-2022-37301	Unspecified vulnerability in Schneider-Electric products A CWE-191: Integer Underflow (Wrap or Wraparound) vulnerability exists that could cause a denial of service of the controller due to memory access violations when using the Modbus TCP protocol. network low complexity schneider-electric	7.5
2022-09-12	CVE-2022-37300	Unspecified vulnerability in Schneider-Electric products A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists that could cause unauthorized access in read and write mode to the controller when communicating over Modbus. network low complexity schneider-electric critical	9.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.