Vulnerabilites related to schneider-electric - 140noe77101_firmware
Vulnerability from fkie_nvd
Published
2020-12-11 01:15
Modified
2024-11-21 05:37
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause unauthenticated command execution in the controller when sending special HTTP requests.
References
cybersecurity@se.comhttps://www.se.com/ww/en/download/document/SEVD-2020-343-04/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.se.com/ww/en/download/document/SEVD-2020-343-04/Vendor Advisory
Impacted products
Vendor Product Version
schneider-electric modicon_m340_bmxp341000_firmware *
schneider-electric modicon_m340_bmxp341000 -
schneider-electric modicon_m340_bmxp342000_firmware *
schneider-electric modicon_m340_bmxp342000 -
schneider-electric modicon_m340_bmxp3420102_firmware *
schneider-electric modicon_m340_bmxp3420102 -
schneider-electric modicon_m340_bmxp3420102cl_firmware *
schneider-electric modicon_m340_bmxp3420102cl -
schneider-electric modicon_m340_bmxp342020_firmware *
schneider-electric modicon_m340_bmxp342020 -
schneider-electric modicon_m340_bmxp3420302_firmware *
schneider-electric modicon_m340_bmxp3420302 -
schneider-electric modicon_m340_bmxp3420302cl_firmware *
schneider-electric modicon_m340_bmxp3420302cl -
schneider-electric bmxnoe0100_firmware *
schneider-electric bmxnoe0100 -
schneider-electric bmxnoe0110_firmware *
schneider-electric bmxnoe0110 -
schneider-electric 140noe77101_firmware *
schneider-electric 140noe77101 -
schneider-electric 140noe77111_firmware *
schneider-electric 140noe77111 -
schneider-electric 140cpu65150_firmware *
schneider-electric 140cpu65150 -
schneider-electric 140cpu65160_firmware *
schneider-electric 140cpu65160 -
schneider-electric 140noc78000_firmware *
schneider-electric 140noc78000 -
schneider-electric 140noc78100_firmware *
schneider-electric 140noc78100 -
schneider-electric 140noc77101_firmware *
schneider-electric 140noc77101 -
schneider-electric tsxp574634_firmware *
schneider-electric tsxp574634 -
schneider-electric tsxp575634_firmware *
schneider-electric tsxp575634 -
schneider-electric tsxp576634_firmware *
schneider-electric tsxp576634 -
schneider-electric tsxety4103_firmware *
schneider-electric tsxety4103 -
schneider-electric tsxety5103_firmware *
schneider-electric tsxety5103 -
schneider-electric bmxnoc0401_firmware *
schneider-electric bmxnoc0401 -
schneider-electric bmxnor200h_firmware *
schneider-electric bmxnor200h -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C440362A-7E0E-497C-B275-409E9B57D8A2",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6ACCC66-4075-4EE9-A6BA-01EF7529C568",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D150239-27E2-4CBE-A931-5107C15E362F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD031F4E-9F3C-4035-AFB8-B7442F1B2475",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98212CF5-BCF4-4A55-B62A-484569687B4E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102cl_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C1D1498-1069-4080-8EB4-3BA6C0DC2CEA",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D30336F0-EDCF-486C-B52E-D0C53BCDFC65",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5481772-5E18-4985-A5E5-F7223B52A90B",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A83CF92-F35F-416F-B571-CA5600BF671F",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354968F7-C41B-4C21-8E47-81DC07DF0EA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302cl_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E506AD9-C302-4D41-B971-46DE19AF83FB",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "32091F91-9397-4506-8801-C68B9E8B60F0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoe0100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BCDF059-40BF-4A32-9932-A7A744E6F295",
              "versionEndExcluding": "3.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoe0100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80FC6FF2-D662-4A57-AAA6-BC04351DC779",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoe0110_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E001828-1A7D-4C8B-95FC-046652D3EF07",
              "versionEndExcluding": "6.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoe0110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98F3B055-8919-4E09-9827-288F0A03DAFF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noe77101_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F72DC31C-3FF4-416C-BCD7-5F78EE066907",
              "versionEndExcluding": "7.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noe77101:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBA60BB0-1725-45E7-9191-0D300EB05082",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noe77111_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4570480E-3787-4263-AB51-8AD0B62969CB",
              "versionEndExcluding": "7.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noe77111:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CBDCA32-398A-4AC3-A477-DEF9ACD4D3F4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F419FC54-72D9-488F-9B0F-C12CEA213089",
              "versionEndExcluding": "6.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC3E5496-C3D0-4DF4-A9AF-F227F889840E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65160_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF7A5C7B-9DBA-47CB-B7D4-70184AEBC684",
              "versionEndExcluding": "6.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65160:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2C2AF70-F0BB-4D17-901C-1FCBECDC44FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noc78000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD80E512-2D78-4375-8DBB-D12E5F0AF484",
              "versionEndExcluding": "1.74",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noc78000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "876CE5BA-B45D-4FFD-8176-E26181DAC355",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noc78100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD74F63-7BA1-498F-977F-FCA90B5968AA",
              "versionEndExcluding": "1.74",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noc78100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1067FDEA-33BC-4AA9-AC5B-099BA757065B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noc77101_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAA8F733-513D-458A-A1ED-849A3DE8F5FD",
              "versionEndExcluding": "1.08",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noc77101:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B688E46-6D5B-4197-BBA2-23F361E656E0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp574634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "19D112F4-50CB-4EFE-B0EA-43A732A22283",
              "versionEndExcluding": "6.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp574634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "76B1122A-56A2-44BB-8648-C6E96D1966D9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp575634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EDD6B6C-FF2A-4960-AFD6-9DF4B4F7FD5E",
              "versionEndExcluding": "6.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp575634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0678A50-FE23-49BD-A6CF-A7094EFDAFA1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp576634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CB6318A-9AEF-4C9D-9678-05208026AC8A",
              "versionEndExcluding": "6.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp576634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38F83CCC-4A66-4D47-A563-777A16028F3B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxety4103_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "92C280EA-9C52-47A9-AA1E-B0AA9C1F67F2",
              "versionEndExcluding": "6.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxety4103:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "18B13865-038C-4073-955A-36E6F5037C2C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxety5103_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C093ECB-B977-4346-9E0E-DC30DD762055",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxety5103:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A901BF2-9316-4067-9AFC-8A7CB3549F68",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoc0401_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "887976CC-8244-4D86-9941-BA82BC1AB6C2",
              "versionEndExcluding": "2.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoc0401:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF08654A-FFCB-47D3-AC82-DF7284548962",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnor200h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "916E21A9-E841-496D-84DB-A6427A300FD2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnor200h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "61020CA2-94D2-461F-B103-5A4985AE438E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause unauthenticated command execution in the controller when sending special HTTP requests."
    },
    {
      "lang": "es",
      "value": "Una CWE-306: Se presenta una vulnerabilidad de Falta Autenticaci\u00f3n para la Funci\u00f3n Cr\u00edtica en el Servidor Web en Modicon M340, Legacy Offers Modicon Quantum y Modicon Premium y Modicon Premium y M\u00f3dulos de Comunicaci\u00f3n asociados (consulte la notificaci\u00f3n de seguridad para las versiones afectadas), que podr\u00eda causar una ejecuci\u00f3n de comandos no autenticados en el controlador cuando se env\u00edan peticiones HTTP especiales"
    }
  ],
  "id": "CVE-2020-7540",
  "lastModified": "2024-11-21T05:37:20.573",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-12-11T01:15:12.377",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-04/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-04/"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-306"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2020-03-23 20:15
Modified
2024-11-21 05:37
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Quantum Ethernet Network module 140NOE771x1 (Versions 7.0 and prior), Quantum processors with integrated Ethernet – 140CPU65xxxxx (all Versions), and Premium processors with integrated Ethernet (all Versions), which could cause a Denial of Service when sending a specially crafted command over Modbus.
References
cybersecurity@se.comhttps://www.se.com/ww/en/download/document/SEVD-2020-070-02/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.se.com/ww/en/download/document/SEVD-2020-070-02/Vendor Advisory
Impacted products
Vendor Product Version
schneider-electric 140noe77101_firmware *
schneider-electric 140noe77101 -
schneider-electric 140noe77111_firmware *
schneider-electric 140noe77111 -
schneider-electric tsxh5744m_firmware *
schneider-electric tsxh5744m -
schneider-electric tsxh5724m_firmware *
schneider-electric tsxh5724m -
schneider-electric tsxp576634m_firmware *
schneider-electric tsxp576634m_ -
schneider-electric tsxp57554m_firmware *
schneider-electric tsxp57554m -
schneider-electric tsxp575634m_firmware *
schneider-electric tsxp575634m -
schneider-electric tsxp57454m_firmware *
schneider-electric tsxp57454m -
schneider-electric tsxp574634m_firmware *
schneider-electric tsxp574634m -
schneider-electric tsxp573634m_firmware *
schneider-electric tsxp573634m -
schneider-electric tsxp57304m_firmware *
schneider-electric tsxp57304m -
schneider-electric tsxp57254m_firmware *
schneider-electric tsxp57254m -
schneider-electric tsxp572634m_firmware *
schneider-electric tsxp572634m -
schneider-electric tsxp57204m_firmware *
schneider-electric tsxp57204m_ -
schneider-electric tsxp571634m_firmware *
schneider-electric tsxp571634m -
schneider-electric tsxp57154m_firmware *
schneider-electric tsxp57154m -
schneider-electric tsxp57104m_firmware *
schneider-electric tsxp57104m -
schneider-electric 140cpu65150_firmware *
schneider-electric 140cpu65150 -
schneider-electric 140cpu65160_firmware *
schneider-electric 140cpu65160 -
schneider-electric 140cpu65260_firmware *
schneider-electric 140cpu65260 -
schneider-electric 140cpu67261_firmware *
schneider-electric 140cpu67261 -
schneider-electric 140cpu67060_firmware *
schneider-electric 140cpu67060 -
schneider-electric 140cpu67160_firmware *
schneider-electric 140cpu67160 -
schneider-electric 140cpu67261_firmware *
schneider-electric 140cpu67261 -
schneider-electric 140cpu67260_firmware *
schneider-electric 140cpu67260 -
schneider-electric 140cpu65860_firmware *
schneider-electric 140cpu65860 -
schneider-electric 140cpu67861_firmware *
schneider-electric 140cpu67861 -
schneider-electric 140cpu65160s_firmware *
schneider-electric 140cpu65160s -
schneider-electric 140cpu67160s_firmware *
schneider-electric 140cpu67160s -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noe77101_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BBD41A9-D8AD-4DDE-88F3-B182E9DF527A",
              "versionEndIncluding": "7.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noe77101:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBA60BB0-1725-45E7-9191-0D300EB05082",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noe77111_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7044736-5FE7-427E-9933-201FB3864A0E",
              "versionEndIncluding": "7.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noe77111:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CBDCA32-398A-4AC3-A477-DEF9ACD4D3F4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxh5744m_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "03DE0D33-EB6F-47E6-BDFC-60AE40B6F585",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxh5744m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B57B894-5AA4-4412-B425-7338CB2FFA3C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxh5724m_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B475AAF-5C7A-423A-938B-FF74C2D58282",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxh5724m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1F56BA4-6A19-44FB-8555-7360C77F83AF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp576634m_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "97308761-4337-47F6-94F2-EC522AC518BF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp576634m_:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F683564-419D-418B-A4D5-BB203F709DD7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57554m_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DB2158C-7A06-40F6-8262-E6D6B57C8F28",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57554m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5572E616-5D86-46FF-AEA7-4A12E66F0ED4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp575634m_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBC3C419-7110-415D-937F-5D45EC3F004C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp575634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57BF89C2-27F8-4FF5-9E4F-4F0CB6C2F0E9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57454m_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "30F1E476-CB01-45B1-B6B0-3CC128335724",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57454m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC537593-1AB7-438E-AB71-EDB469A1DFF7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp574634m_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "97DCF441-ECDE-447C-A7FE-1C24F88E731C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp574634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE60505D-0211-4E8C-B32C-988E25698B1E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp573634m_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A68B9A93-214C-4438-AD41-67567A55FA68",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp573634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80500883-2825-46DD-8ED9-4F324A4494CC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57304m_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B525CDB6-2B83-45BD-8C8A-FDF047A3CD35",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57304m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5FDBAB3-C8C2-47F6-ACAA-B89BA53849B9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57254m_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C13CD97-D5D1-4CD9-A4F4-E20F2A467A3B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57254m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57B75D71-11CA-4DDF-849A-08A9D84C95AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp572634m_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BE4DCA8-BC70-49FF-A9DF-9CB765BA988B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp572634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA2094F4-976F-44FA-A7E5-93E20A80DA00",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57204m_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EF98525-6247-4851-992E-2DC8C6289756",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57204m_:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E25651C-E4B5-47A2-A6CE-79F7ECAE246E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp571634m_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8343247E-6A03-4786-933C-5ABE1CDEA6CE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp571634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "31A5DCC8-9E3D-4919-9DE3-73FC8733E73D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57154m_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "24AA6AD6-CB6E-41BA-962C-06617383861A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57154m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CC8F0AB-C4A8-40B3-88E0-92F52EA05692",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57104m_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "08174753-EE13-43FA-A570-BAEC87A861BE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57104m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "587226C6-6BE2-4A42-B593-34498F647B24",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8048EA69-8FC8-4415-BA20-D2813F8BD83D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC3E5496-C3D0-4DF4-A9AF-F227F889840E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65160_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CD78FFA-3F5F-43DA-979D-42B0673C36D0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65160:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2C2AF70-F0BB-4D17-901C-1FCBECDC44FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65260_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AB1DB30-D2E6-49C9-9140-09B9F331D257",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65260:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D7304B0-EE18-454B-B3F0-5EF387285D90",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu67261_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C5F7FC8-CA35-476E-A302-12FF21F3394C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu67261:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "164AEEA1-666F-428A-BFCB-5DEEEFE1D771",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu67060_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FF5FB95-4A51-4E92-B1AA-BA52C1E600D2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu67060:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AF2A7A3-89EF-480D-8E6E-20E11CF60A97",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu67160_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "88CF4155-F52E-43C6-A227-17833C585B14",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu67160:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3870E952-7A32-43DA-8C66-DE43C862639B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu67261_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C5F7FC8-CA35-476E-A302-12FF21F3394C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu67261:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "164AEEA1-666F-428A-BFCB-5DEEEFE1D771",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu67260_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "83B90A1C-1273-40CF-9051-5A83418BC03F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu67260:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E4FCBA-4980-4C8F-A185-5E9C4CF9E8B5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65860_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BD1061C-2DED-42E8-8B53-9BE8B4643A39",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65860:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B8230FD-0C0A-467C-9BAD-09257739D462",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu67861_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EECFF950-0AD8-439C-A0E0-898EC4BBFB07",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu67861:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF97B5A6-960F-42BA-A397-09C819A3200C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65160s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F32298B8-D999-43E8-BEEF-7680A0D67F80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65160s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "95E48F27-F241-4491-AFF7-8BD562F21A52",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu67160s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CE373AE-04E2-456E-A59E-5DAD7227D74A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu67160s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71C1C17A-9111-49B8-A2CE-3A2FB87616F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Quantum Ethernet Network module 140NOE771x1 (Versions 7.0 and prior), Quantum processors with integrated Ethernet \u2013 140CPU65xxxxx (all Versions), and Premium processors with integrated Ethernet (all Versions), which could cause a Denial of Service when sending a specially crafted command over Modbus."
    },
    {
      "lang": "es",
      "value": "Una CWE-754: Se presenta una vulnerabilidad Comprobaci\u00f3n Inapropiada de Condiciones Inusuales o Excepcionales en el m\u00f3dulo Quantum Ethernet Network 140NOE771x1 (Versiones 7.0 y anteriores), procesadores Quantum con Ethernet integrado - 140CPU65xxxxx (todas las Versiones) y procesadores Premium con Ethernet integrado (todas las Versiones), lo que podr\u00eda causar una Denegaci\u00f3n de servicio al enviar un comando especialmente dise\u00f1ado sobre Modbus."
    }
  ],
  "id": "CVE-2020-7477",
  "lastModified": "2024-11-21T05:37:13.433",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-03-23T20:15:12.230",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-070-02/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-070-02/"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-754"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-754"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2020-12-11 01:15
Modified
2024-11-21 05:37
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal' Vulnerability Type) vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause disclosure of information when sending a specially crafted request to the controller over HTTP.
References
cybersecurity@se.comhttps://www.se.com/ww/en/download/document/SEVD-2020-343-05/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.se.com/ww/en/download/document/SEVD-2020-343-05/Vendor Advisory
Impacted products
Vendor Product Version
schneider-electric modicon_m340_bmxp341000_firmware *
schneider-electric modicon_m340_bmxp341000 -
schneider-electric modicon_m340_bmxp342000_firmware *
schneider-electric modicon_m340_bmxp342000 -
schneider-electric modicon_m340_bmxp3420102_firmware *
schneider-electric modicon_m340_bmxp3420102 -
schneider-electric modicon_m340_bmxp3420102cl_firmware *
schneider-electric modicon_m340_bmxp3420102cl -
schneider-electric modicon_m340_bmxp342020_firmware *
schneider-electric modicon_m340_bmxp342020 -
schneider-electric modicon_m340_bmxp3420302_firmware *
schneider-electric modicon_m340_bmxp3420302 -
schneider-electric modicon_m340_bmxp3420302cl_firmware *
schneider-electric modicon_m340_bmxp3420302cl -
schneider-electric bmxnoe0100_firmware *
schneider-electric bmxnoe0100 -
schneider-electric bmxnoe0110_firmware *
schneider-electric bmxnoe0110 -
schneider-electric 140noe77101_firmware *
schneider-electric 140noe77101 -
schneider-electric 140noe77111_firmware *
schneider-electric 140noe77111 -
schneider-electric 140cpu65150_firmware *
schneider-electric 140cpu65150 -
schneider-electric 140cpu65160_firmware *
schneider-electric 140cpu65160 -
schneider-electric 140noc78000_firmware *
schneider-electric 140noc78000 -
schneider-electric 140noc78100_firmware *
schneider-electric 140noc78100 -
schneider-electric 140noc77101_firmware *
schneider-electric 140noc77101 -
schneider-electric tsxp574634_firmware *
schneider-electric tsxp574634 -
schneider-electric tsxp575634_firmware *
schneider-electric tsxp575634 -
schneider-electric tsxp576634_firmware *
schneider-electric tsxp576634 -
schneider-electric tsxety4103_firmware *
schneider-electric tsxety4103 -
schneider-electric tsxety5103_firmware *
schneider-electric tsxety5103 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C440362A-7E0E-497C-B275-409E9B57D8A2",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6ACCC66-4075-4EE9-A6BA-01EF7529C568",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D150239-27E2-4CBE-A931-5107C15E362F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD031F4E-9F3C-4035-AFB8-B7442F1B2475",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98212CF5-BCF4-4A55-B62A-484569687B4E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102cl_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C1D1498-1069-4080-8EB4-3BA6C0DC2CEA",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D30336F0-EDCF-486C-B52E-D0C53BCDFC65",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5481772-5E18-4985-A5E5-F7223B52A90B",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A83CF92-F35F-416F-B571-CA5600BF671F",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354968F7-C41B-4C21-8E47-81DC07DF0EA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302cl_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E506AD9-C302-4D41-B971-46DE19AF83FB",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "32091F91-9397-4506-8801-C68B9E8B60F0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoe0100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C045040-20CA-488D-A36D-A433754A33E8",
              "versionEndExcluding": "3.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoe0100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80FC6FF2-D662-4A57-AAA6-BC04351DC779",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoe0110_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A33A381-6772-4137-A677-5F73EA398FF6",
              "versionEndExcluding": "6.6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoe0110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98F3B055-8919-4E09-9827-288F0A03DAFF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noe77101_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "181826EC-4E4E-4EE2-A729-6823843E6CA8",
              "versionEndExcluding": "7.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noe77101:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBA60BB0-1725-45E7-9191-0D300EB05082",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noe77111_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FC49273-1C5D-4E0E-B484-0269CDA4E655",
              "versionEndExcluding": "7.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noe77111:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CBDCA32-398A-4AC3-A477-DEF9ACD4D3F4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8048EA69-8FC8-4415-BA20-D2813F8BD83D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC3E5496-C3D0-4DF4-A9AF-F227F889840E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65160_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CD78FFA-3F5F-43DA-979D-42B0673C36D0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65160:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2C2AF70-F0BB-4D17-901C-1FCBECDC44FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noc78000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A62DEBF-6343-48BB-835C-64AE9D8F956A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noc78000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "876CE5BA-B45D-4FFD-8176-E26181DAC355",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noc78100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D11C9B98-3119-41CF-8320-447E7E00977E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noc78100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1067FDEA-33BC-4AA9-AC5B-099BA757065B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noc77101_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "10B16121-8DC3-4EA1-AC7B-D611A1C3C9A4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noc77101:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B688E46-6D5B-4197-BBA2-23F361E656E0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp574634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C32BDE35-7AC6-44C3-8135-BAA128B44559",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp574634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "76B1122A-56A2-44BB-8648-C6E96D1966D9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp575634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CAEBC02-9BA6-4D36-AC3D-E1CE531F918E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp575634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0678A50-FE23-49BD-A6CF-A7094EFDAFA1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp576634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "23918D88-851B-480E-972E-EB48CAFA7AF4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp576634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38F83CCC-4A66-4D47-A563-777A16028F3B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxety4103_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "066E3E6C-8A0E-4360-A4ED-32A84B7647FC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxety4103:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "18B13865-038C-4073-955A-36E6F5037C2C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxety5103_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7B418F6-DCED-40B9-8B35-DC50FD8EF6FD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxety5103:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A901BF2-9316-4067-9AFC-8A7CB3549F68",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027 Vulnerability Type) vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause disclosure of information when sending a specially crafted request to the controller over HTTP."
    },
    {
      "lang": "es",
      "value": "Una CWE-22: Se presenta una vulnerabilidad de Limitaci\u00f3n Inapropiada de un Nombre de Ruta a un Directorio Restringido (Tipo de Vulnerabilidad \"Path Traversal\") en el Servidor Web en Modicon M340, Legacy Offers Modicon Quantum y Modicon Premium y M\u00f3dulos de Comunicaci\u00f3n asociados (consulte la notificaci\u00f3n de seguridad para las versiones afectadas ), que podr\u00eda causar la divulgaci\u00f3n de informaci\u00f3n cuando se env\u00eda una petici\u00f3n especialmente dise\u00f1ada hacia el controlador a trav\u00e9s de HTTP"
    }
  ],
  "id": "CVE-2020-7535",
  "lastModified": "2024-11-21T05:37:19.907",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-12-11T01:15:12.127",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-05/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-05/"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Primary"
    }
  ]
}

CVE-2020-7540 (GCVE-0-2020-7540)
Vulnerability from cvelistv5
Published
2020-12-11 00:52
Modified
2024-08-04 09:33
Severity ?
CWE
  • CWE-306 - Missing Authentication for Critical Function
Summary
A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause unauthenticated command execution in the controller when sending special HTTP requests.
References
Impacted products
Vendor Product Version
n/a Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions) Version: Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:33:19.892Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-04/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause unauthenticated command execution in the controller when sending special HTTP requests."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-306",
              "description": "CWE-306: Missing Authentication for Critical Function",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-12-11T00:52:03",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-04/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2020-7540",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause unauthenticated command execution in the controller when sending special HTTP requests."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-306: Missing Authentication for Critical Function"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.se.com/ww/en/download/document/SEVD-2020-343-04/",
              "refsource": "CONFIRM",
              "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-04/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2020-7540",
    "datePublished": "2020-12-11T00:52:03",
    "dateReserved": "2020-01-21T00:00:00",
    "dateUpdated": "2024-08-04T09:33:19.892Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-7477 (GCVE-0-2020-7477)
Vulnerability from cvelistv5
Published
2020-03-23 19:14
Modified
2024-08-04 09:33
Severity ?
CWE
  • CWE-754 - Improper Check for Unusual or Exceptional Conditions
Summary
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Quantum Ethernet Network module 140NOE771x1 (Versions 7.0 and prior), Quantum processors with integrated Ethernet – 140CPU65xxxxx (all Versions), and Premium processors with integrated Ethernet (all Versions), which could cause a Denial of Service when sending a specially crafted command over Modbus.
References
Impacted products
Vendor Product Version
n/a Modicon Quantum Ethernet Network module and Quantum / Premium COPRO (Quantum Ethernet Network module 140NOE771x1, versions 7.0 and prior, Quantum processors with integrated Ethernet – 140CPU65xxxxx, all versions, Premium processors with integrated Ethernet, all versions) Version: Modicon Quantum Ethernet Network module and Quantum / Premium COPRO (Quantum Ethernet Network module 140NOE771x1, versions 7.0 and prior, Quantum processors with integrated Ethernet – 140CPU65xxxxx, all versions, Premium processors with integrated Ethernet, all versions)
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:33:18.651Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.se.com/ww/en/download/document/SEVD-2020-070-02/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Modicon Quantum Ethernet Network module and Quantum / Premium COPRO (Quantum Ethernet Network module 140NOE771x1, versions 7.0 and prior, Quantum processors with integrated Ethernet \u2013 140CPU65xxxxx, all versions, Premium processors with integrated Ethernet, all versions)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Modicon Quantum Ethernet Network module and Quantum / Premium COPRO (Quantum Ethernet Network module 140NOE771x1, versions 7.0 and prior, Quantum processors with integrated Ethernet \u2013 140CPU65xxxxx, all versions, Premium processors with integrated Ethernet, all versions)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Quantum Ethernet Network module 140NOE771x1 (Versions 7.0 and prior), Quantum processors with integrated Ethernet \u2013 140CPU65xxxxx (all Versions), and Premium processors with integrated Ethernet (all Versions), which could cause a Denial of Service when sending a specially crafted command over Modbus."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-754",
              "description": "CWE-754: Improper Check for Unusual or Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-03-23T19:14:31",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.se.com/ww/en/download/document/SEVD-2020-070-02/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2020-7477",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Modicon Quantum Ethernet Network module and Quantum / Premium COPRO (Quantum Ethernet Network module 140NOE771x1, versions 7.0 and prior, Quantum processors with integrated Ethernet \u2013 140CPU65xxxxx, all versions, Premium processors with integrated Ethernet, all versions)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Modicon Quantum Ethernet Network module and Quantum / Premium COPRO (Quantum Ethernet Network module 140NOE771x1, versions 7.0 and prior, Quantum processors with integrated Ethernet \u2013 140CPU65xxxxx, all versions, Premium processors with integrated Ethernet, all versions)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Quantum Ethernet Network module 140NOE771x1 (Versions 7.0 and prior), Quantum processors with integrated Ethernet \u2013 140CPU65xxxxx (all Versions), and Premium processors with integrated Ethernet (all Versions), which could cause a Denial of Service when sending a specially crafted command over Modbus."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-754: Improper Check for Unusual or Exceptional Conditions"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.se.com/ww/en/download/document/SEVD-2020-070-02/",
              "refsource": "MISC",
              "url": "https://www.se.com/ww/en/download/document/SEVD-2020-070-02/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2020-7477",
    "datePublished": "2020-03-23T19:14:31",
    "dateReserved": "2020-01-21T00:00:00",
    "dateUpdated": "2024-08-04T09:33:18.651Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-7535 (GCVE-0-2020-7535)
Vulnerability from cvelistv5
Published
2020-12-11 00:51
Modified
2024-08-04 09:33
Severity ?
CWE
  • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal' Vulnerability Type)
Summary
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal' Vulnerability Type) vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause disclosure of information when sending a specially crafted request to the controller over HTTP.
References
Impacted products
Vendor Product Version
n/a Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions) Version: Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:33:19.664Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-05/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027 Vulnerability Type) vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause disclosure of information when sending a specially crafted request to the controller over HTTP."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027 Vulnerability Type)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-12-11T00:51:37",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-05/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2020-7535",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027 Vulnerability Type) vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause disclosure of information when sending a specially crafted request to the controller over HTTP."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027 Vulnerability Type)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.se.com/ww/en/download/document/SEVD-2020-343-05/",
              "refsource": "CONFIRM",
              "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-05/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2020-7535",
    "datePublished": "2020-12-11T00:51:37",
    "dateReserved": "2020-01-21T00:00:00",
    "dateUpdated": "2024-08-04T09:33:19.664Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}