Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

schneider-electric modicon m218 firmware vulnerabilities and exploits

(subscribe to this query)
9.8
CVSSv3

CVE-2020-7487

A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists which could allow the malicious user to execute malicious code on the Modicon M218, M241, M251, and M258 controllers.
Schneider-electric SomachineSchneider-electric Somachine MotionSchneider-electric Ecostruxure Machine ExpertSchneider-electric Modicon M218 FirmwareSchneider-electric Modicon M241 FirmwareSchneider-electric Modicon M251 FirmwareSchneider-electric Modicon M258 Firmware
7.5
CVSSv3

CVE-2020-7488

A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists which could leak sensitive information transmitted between the software and the Modicon M218, M241, M251, and M258 controllers.
Schneider-electric SomachineSchneider-electric Somachine MotionSchneider-electric Ecostruxure Machine ExpertSchneider-electric Modicon M218 FirmwareSchneider-electric Modicon M241 FirmwareSchneider-electric Modicon M251 FirmwareSchneider-electric Modicon M258 Firmware
7.5
CVSSv3

CVE-2020-7524

Out-of-bounds Write vulnerability exists in Modicon M218 Logic Controller (V5.0.0.7 and prior) which could cause Denial of Service when sending specific crafted IPV4 packet to the controller: Sending a specific IPv4 protocol package to Schneider Electric Modicon M218 Logic Contro...
Schneider-electric Modicon M218 Firmware
7.5
CVSSv3

CVE-2021-22800

A CWE-20: Improper Input Validation vulnerability exists that could cause a Denial of Service when a crafted packet is sent to the controller over network port 1105/TCP. Affected Product: Modicon M218 Logic Controller (V5.1.0.6 and prior)
Schneider-electric Modicon M218 Firmware
7.5
CVSSv3

CVE-2020-7502

A CWE-787: Out-of-bounds Write vulnerability exists in Modicon M218 Logic Controller (Firmware version 4.3 and prior), which may cause a Denial of Service when specific TCP/IP crafted packets are sent to the Modicon M218 Logic Controller.
Schneider-electric Modicon M218 Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflowtype confusionserver-side request forgeryCVE-2024-38440CVE-2024-27801CVE-2024-5868CVE-2024-0582CVE-2024-37643CVE-2024-3105
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook