A CWE-125: Out-of-Bounds Read vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause a segmentation fault or a buffer overflow when uploading a specially crafted file on the controller over FTP.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
schneider-electric modicon_tsxety4103_firmware |
||
schneider-electric modicon_tsxety5103_firmware |
||
schneider-electric modicon_tsxp574634_firmware |
||
schneider-electric modicon_tsxp575634_firmware |
||
schneider-electric modicon_tsxp576634_firmware |
||
schneider-electric modicon_quantum_140noe77101_firmware |
||
schneider-electric modicon_quantum_140noe77111_firmware |
||
schneider-electric modicon_quantum_140noc78100_firmware |
||
schneider-electric modicon_quantum_140cpu65150_firmware |
||
schneider-electric modicon_quantum_140cpu65150c_firmware |
||
schneider-electric modicon_quantum_140cpu65160c_firmware |
||
schneider-electric modicon_quantum_140cpu65160_firmware |
||
schneider-electric modicon_m340_bmx_p34-2010_firmware |
||
schneider-electric modicon_m340_bmx_p34-2030_firmware |
||
schneider-electric modicon_m340_bmx_noc_0401_firmware |
||
schneider-electric modicon_m340_bmx_noe_0100_firmware |
||
schneider-electric modicon_m340_bmx_noe_0100h_firmware |
||
schneider-electric modicon_m340_bmx_noe_0110_firmware |
||
schneider-electric modicon_m340_bmx_noe_0110h_firmware |
||
schneider-electric modicon_m340_bmx_nor_0200h_firmware |
Vulmon