VDB
CNVD-2022-68926
CNVD-2022-68926
PUBLISHED
Schneider Electric Modicon Quantum和Schneider Electric Modicon M340都是法国施耐德电气(Schneider Electric)公司的产品。Schneider Electric Modicon Quantum是一款用于过程应用、高可用性和安全解决方案的大型可编程逻辑控制器(PLC)。Schneider Electric Modicon M340是一款用于工业过程和基础设施的中程PLC(可编程逻辑控制器)。 Schneider Electric多款产品存在越界写漏洞,攻击者可利用该漏洞向设备的Web服务器发送特制HTTP请求,导致拒绝服务。
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Schneider Electric Modicon M340 X80 Ethernet Communication Modules BMXNOR0200H RTU(All Versions) | ||
| Schneider Electric Modicon Premium Processors with integrated Ethernet (Copro) 140CPU65xxxxx(All Versions) | ||
| Schneider Electric Modicon Quantum Communication Modules 140NOC78x00 | ||
| Schneider Electric Modicon M340 X80 Ethernet Communication Modules BMXNOE0100(H) | ||
| Schneider Electric Modicon M340 CPUs BMXP34 (<=3.40) | ||
| Schneider Electric Modicon M340 X80 Ethernet Communication Modules BMXNOC0401 | ||
| Schneider Electric Modicon M340 X80 Ethernet Communication Modules BMXNOE0110(H) | ||
| Schneider Electric Modicon Premium Processors with integrated Ethernet (Copro) TSXP575634 | ||
| Schneider Electric Modicon Quantum Communication Modules 140NOE771x1 | ||
| Schneider Electric Modicon Quantum Communication Modules TSXETY4103 | ||
| Schneider Electric Modicon Premium Processors with integrated Ethernet (Copro) TSXP576634(All Versions) | ||
| Schneider Electric Modicon Premium Processors with integrated Ethernet (Copro) TSXP574634 | ||
| Schneider Electric Modicon Quantum Communication Modules TSXETY5103(All Versions) | ||
| Schneider Electric Modicon Quantum Communication Modules 140NOC77101(All Versions) |
Timeline
- Feb 15, 2022 CVE ID Reserved
- Oct 14, 2022 CVE Published