Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-22800 | 1 Schneider-electric | 2 Modicon M218, Modicon M218 Firmware | 2022-02-18 | 5.0 MEDIUM | 7.5 HIGH |
| A CWE-20: Improper Input Validation vulnerability exists that could cause a Denial of Service when a crafted packet is sent to the controller over network port 1105/TCP. Affected Product: Modicon M218 Logic Controller (V5.1.0.6 and prior) | |||||
| CVE-2020-7487 | 1 Schneider-electric | 11 Ecostruxure Machine Expert, Modicon M218, Modicon M218 Firmware and 8 more | 2022-02-03 | 7.5 HIGH | 9.8 CRITICAL |
| A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists which could allow the attacker to execute malicious code on the Modicon M218, M241, M251, and M258 controllers. | |||||
| CVE-2020-7488 | 1 Schneider-electric | 11 Ecostruxure Machine Expert, Modicon M218, Modicon M218 Firmware and 8 more | 2022-02-03 | 5.0 MEDIUM | 7.5 HIGH |
| A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists which could leak sensitive information transmitted between the software and the Modicon M218, M241, M251, and M258 controllers. | |||||
| CVE-2020-7524 | 1 Schneider-electric | 2 Modicon M218, Modicon M218 Firmware | 2022-01-31 | 5.0 MEDIUM | 7.5 HIGH |
| Out-of-bounds Write vulnerability exists in Modicon M218 Logic Controller (V5.0.0.7 and prior) which could cause Denial of Service when sending specific crafted IPV4 packet to the controller: Sending a specific IPv4 protocol package to Schneider Electric Modicon M218 Logic Controller can cause IPv4 devices to go down. The device does not work properly and must be powered back on to return to normal. | |||||
| CVE-2020-7502 | 1 Schneider-electric | 2 Modicon M218, Modicon M218 Firmware | 2022-01-31 | 5.0 MEDIUM | 7.5 HIGH |
| A CWE-787: Out-of-bounds Write vulnerability exists in Modicon M218 Logic Controller (Firmware version 4.3 and prior), which may cause a Denial of Service when specific TCP/IP crafted packets are sent to the Modicon M218 Logic Controller. | |||||