140cpu65160_firmware - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
140cpu65160_firmware
(Schneider\-Electric)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	13

Date	Id	Summary	Products	Score	Patch	Annotated
2018-04-18	CVE-2018-7760	An authorization bypass vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. Requests to CGI functions allow malicious users to bypass authorization.	140cpu31110_firmware, 140cpu31110c_firmware, 140cpu43412u_firmware, 140cpu43412uc_firmware, 140cpu65150_firmware, 140cpu65150c_firmware, 140cpu65160_firmware, 140cpu65160c_firmware, 140cpu65160s_firmware, 140cpu65260_firmware, 140cpu65260c_firmware, 140cpu65860_firmware, 140cpu65860c_firmware, Bmxnor0200_firmware, Bmxnor0200h_firmware, Modicon_m340_bmxp341000_firmware, Modicon_m340_bmxp341000h_firmware, Modicon_m340_bmxp342000_firmware, Modicon_m340_bmxp3420102_firmware, Modicon_m340_bmxp3420102cl_firmware, Modicon_m340_bmxp342020_firmware, Modicon_m340_bmxp342020h_firmware, Modicon_m340_bmxp3420302_firmware, Modicon_m340_bmxp3420302cl_firmware, Modicon_m340_bmxp3420302h_firmware, Tsxh5724m_firmware, Tsxh5724mc_firmware, Tsxh5744m_firmware, Tsxh5744mc_firmware, Tsxp57104m_firmware, Tsxp57104mc_firmware, Tsxp57154m_firmware, Tsxp57154mc_firmware, Tsxp571634m_firmware, Tsxp571634mc_firmware, Tsxp57204m_firmware, Tsxp57204mc_firmware, Tsxp57254m_firmware, Tsxp57254mc_firmware, Tsxp572634m_firmware, Tsxp572634mc_firmware, Tsxp57304m_firmware, Tsxp57304mc_firmware, Tsxp57354m_firmware, Tsxp57354mc_firmware, Tsxp573634m_firmware, Tsxp573634mc_firmware, Tsxp57454m_firmware, Tsxp57454mc_firmware, Tsxp574634m_firmware, Tsxp574634mc_firmware, Tsxp57554m_firmware, Tsxp57554mc_firmware, Tsxp575634m_firmware, Tsxp575634mc_firmware, Tsxp576634m_firmware, Tsxp576634mc_firmware	9.8
2018-04-18	CVE-2018-7761	A vulnerability exists in the HTTP request parser in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow arbitrary code execution.	140cpu31110_firmware, 140cpu31110c_firmware, 140cpu43412u_firmware, 140cpu43412uc_firmware, 140cpu65150_firmware, 140cpu65150c_firmware, 140cpu65160_firmware, 140cpu65160c_firmware, 140cpu65160s_firmware, 140cpu65260_firmware, 140cpu65260c_firmware, 140cpu65860_firmware, 140cpu65860c_firmware, Bmxnor0200_firmware, Bmxnor0200h_firmware, Modicon_m340_bmxp341000_firmware, Modicon_m340_bmxp341000h_firmware, Modicon_m340_bmxp342000_firmware, Modicon_m340_bmxp3420102_firmware, Modicon_m340_bmxp3420102cl_firmware, Modicon_m340_bmxp342020_firmware, Modicon_m340_bmxp342020h_firmware, Modicon_m340_bmxp3420302_firmware, Modicon_m340_bmxp3420302cl_firmware, Modicon_m340_bmxp3420302h_firmware, Tsxh5724m_firmware, Tsxh5724mc_firmware, Tsxh5744m_firmware, Tsxh5744mc_firmware, Tsxp57104m_firmware, Tsxp57104mc_firmware, Tsxp57154m_firmware, Tsxp57154mc_firmware, Tsxp571634m_firmware, Tsxp571634mc_firmware, Tsxp57204m_firmware, Tsxp57204mc_firmware, Tsxp57254m_firmware, Tsxp57254mc_firmware, Tsxp572634m_firmware, Tsxp572634mc_firmware, Tsxp57304m_firmware, Tsxp57304mc_firmware, Tsxp57354m_firmware, Tsxp57354mc_firmware, Tsxp573634m_firmware, Tsxp573634mc_firmware, Tsxp57454m_firmware, Tsxp57454mc_firmware, Tsxp574634m_firmware, Tsxp574634mc_firmware, Tsxp57554m_firmware, Tsxp57554mc_firmware, Tsxp575634m_firmware, Tsxp575634mc_firmware, Tsxp576634m_firmware, Tsxp576634mc_firmware	9.8
2018-04-18	CVE-2018-7762	A vulnerability exists in the web services to process SOAP requests in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow result in a buffer overflow.	140cpu31110_firmware, 140cpu31110c_firmware, 140cpu43412u_firmware, 140cpu43412uc_firmware, 140cpu65150_firmware, 140cpu65150c_firmware, 140cpu65160_firmware, 140cpu65160c_firmware, 140cpu65160s_firmware, 140cpu65260_firmware, 140cpu65260c_firmware, 140cpu65860_firmware, 140cpu65860c_firmware, Bmxnor0200_firmware, Bmxnor0200h_firmware, Modicon_m340_bmxp341000_firmware, Modicon_m340_bmxp341000h_firmware, Modicon_m340_bmxp342000_firmware, Modicon_m340_bmxp3420102_firmware, Modicon_m340_bmxp3420102cl_firmware, Modicon_m340_bmxp342020_firmware, Modicon_m340_bmxp342020h_firmware, Modicon_m340_bmxp3420302_firmware, Modicon_m340_bmxp3420302cl_firmware, Modicon_m340_bmxp3420302h_firmware, Tsxh5724m_firmware, Tsxh5724mc_firmware, Tsxh5744m_firmware, Tsxh5744mc_firmware, Tsxp57104m_firmware, Tsxp57104mc_firmware, Tsxp57154m_firmware, Tsxp57154mc_firmware, Tsxp571634m_firmware, Tsxp571634mc_firmware, Tsxp57204m_firmware, Tsxp57204mc_firmware, Tsxp57254m_firmware, Tsxp57254mc_firmware, Tsxp572634m_firmware, Tsxp572634mc_firmware, Tsxp57304m_firmware, Tsxp57304mc_firmware, Tsxp57354m_firmware, Tsxp57354mc_firmware, Tsxp573634m_firmware, Tsxp573634mc_firmware, Tsxp57454m_firmware, Tsxp57454mc_firmware, Tsxp574634m_firmware, Tsxp574634mc_firmware, Tsxp57554m_firmware, Tsxp57554mc_firmware, Tsxp575634m_firmware, Tsxp575634mc_firmware, Tsxp576634m_firmware, Tsxp576634mc_firmware	7.5
2020-12-11	CVE-2020-7535	A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal' Vulnerability Type) vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause disclosure of information when sending a specially crafted request to the controller over HTTP.	140cpu65150_firmware, 140cpu65160_firmware, 140noc77101_firmware, 140noc78000_firmware, 140noc78100_firmware, 140noe77101_firmware, 140noe77111_firmware, Bmxnoe0100_firmware, Bmxnoe0110_firmware, Modicon_m340_bmxp341000_firmware, Modicon_m340_bmxp342000_firmware, Modicon_m340_bmxp3420102_firmware, Modicon_m340_bmxp3420102cl_firmware, Modicon_m340_bmxp342020_firmware, Modicon_m340_bmxp3420302_firmware, Modicon_m340_bmxp3420302cl_firmware, Tsxety4103_firmware, Tsxety5103_firmware, Tsxp574634_firmware, Tsxp575634_firmware, Tsxp576634_firmware	7.5
2020-12-11	CVE-2020-7540	A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause unauthenticated command execution in the controller when sending special HTTP requests.	140cpu65150_firmware, 140cpu65160_firmware, 140noc77101_firmware, 140noc78000_firmware, 140noc78100_firmware, 140noe77101_firmware, 140noe77111_firmware, Bmxnoc0401_firmware, Bmxnoe0100_firmware, Bmxnoe0110_firmware, Bmxnor200h_firmware, Modicon_m340_bmxp341000_firmware, Modicon_m340_bmxp342000_firmware, Modicon_m340_bmxp3420102_firmware, Modicon_m340_bmxp3420102cl_firmware, Modicon_m340_bmxp342020_firmware, Modicon_m340_bmxp3420302_firmware, Modicon_m340_bmxp3420302cl_firmware, Tsxety4103_firmware, Tsxety5103_firmware, Tsxp574634_firmware, Tsxp575634_firmware, Tsxp576634_firmware	9.8
2020-01-06	CVE-2019-6856	A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions) which could cause a Denial of Service when writing specific physical memory blocks using Modbus TCP.	140cpu65150_firmware, 140cpu65160_firmware, 140cpu65160s_firmware, 140cpu65260_firmware, 140cpu65860_firmware, 140cpu67060_firmware, 140cpu67160_firmware, 140cpu67160s_firmware, 140cpu67260_firmware, 140cpu67261_firmware, 140cpu67861_firmware, Modicon_m340_firmware, Modicon_m580_firmware, Tsxh5724m_firmware, Tsxh5744m_firmware, Tsxp57104m_firmware, Tsxp57154m_firmware, Tsxp571634m_firmware, Tsxp57204m_firmware, Tsxp57254m_firmware, Tsxp572634m_firmware, Tsxp57304m_firmware, Tsxp57354m_firmware, Tsxp573634m_firmware, Tsxp57454m_firmware, Tsxp574634m_firmware, Tsxp57554m_firmware, Tsxp575634m_firmware, Tsxp576634m_firmware	7.5
2020-01-06	CVE-2019-6857	A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions) which could cause a Denial of Service of the controller when reading specific memory blocks using Modbus TCP.	140cpu65150_firmware, 140cpu65160_firmware, 140cpu65160s_firmware, 140cpu65260_firmware, 140cpu65860_firmware, 140cpu67060_firmware, 140cpu67160_firmware, 140cpu67160s_firmware, 140cpu67260_firmware, 140cpu67261_firmware, 140cpu67861_firmware, Modicon_m340_firmware, Modicon_m580_firmware, Tsxh5724m_firmware, Tsxh5744m_firmware, Tsxp57104m_firmware, Tsxp57154m_firmware, Tsxp571634m_firmware, Tsxp57204m_firmware, Tsxp57254m_firmware, Tsxp572634m_firmware, Tsxp57304m_firmware, Tsxp57354m_firmware, Tsxp573634m_firmware, Tsxp57454m_firmware, Tsxp574634m_firmware, Tsxp57554m_firmware, Tsxp575634m_firmware, Tsxp576634m_firmware	7.5
2020-01-06	CVE-2018-7794	A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions) which could cause a Denial of Service when reading data with invalid index using Modbus TCP.	140cpu65150_firmware, 140cpu65160_firmware, 140cpu65160s_firmware, 140cpu65260_firmware, 140cpu65860_firmware, 140cpu67060_firmware, 140cpu67160_firmware, 140cpu67160s_firmware, 140cpu67260_firmware, 140cpu67261_firmware, 140cpu67861_firmware, Modicon_m340_firmware, Modicon_m580_firmware, Tsxh5724m_firmware, Tsxh5744m_firmware, Tsxp57104m_firmware, Tsxp57154m_firmware, Tsxp571634m_firmware, Tsxp57204m_firmware, Tsxp57254m_firmware, Tsxp572634m_firmware, Tsxp57304m_firmware, Tsxp57354m_firmware, Tsxp573634m_firmware, Tsxp57454m_firmware, Tsxp574634m_firmware, Tsxp57554m_firmware, Tsxp575634m_firmware, Tsxp576634m_firmware	7.5
2020-03-23	CVE-2020-7477	A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Quantum Ethernet Network module 140NOE771x1 (Versions 7.0 and prior), Quantum processors with integrated Ethernet – 140CPU65xxxxx (all Versions), and Premium processors with integrated Ethernet (all Versions), which could cause a Denial of Service when sending a specially crafted command over Modbus.	140cpu65150_firmware, 140cpu65160_firmware, 140cpu65160s_firmware, 140cpu65260_firmware, 140cpu65860_firmware, 140cpu67060_firmware, 140cpu67160_firmware, 140cpu67160s_firmware, 140cpu67260_firmware, 140cpu67261_firmware, 140cpu67861_firmware, 140noe77101_firmware, 140noe77111_firmware, Tsxh5724m_firmware, Tsxh5744m_firmware, Tsxp57104m_firmware, Tsxp57154m_firmware, Tsxp571634m_firmware, Tsxp57204m_firmware, Tsxp57254m_firmware, Tsxp572634m_firmware, Tsxp57304m_firmware, Tsxp573634m_firmware, Tsxp57454m_firmware, Tsxp574634m_firmware, Tsxp57554m_firmware, Tsxp575634m_firmware, Tsxp576634m_firmware	N/A
2018-04-18	CVE-2018-7240	A vulnerability exists in Schneider Electric's Modicon Quantum in all versions of the communication modules which could allow arbitrary code execution. An FTP command used to upgrade the firmware of the module can be misused to cause a denial of service, or in extreme cases, to load a malicious firmware.	140cpu31110_firmware, 140cpu31110c_firmware, 140cpu43412u_firmware, 140cpu43412uc_firmware, 140cpu65150_firmware, 140cpu65150c_firmware, 140cpu65160_firmware, 140cpu65160c_firmware, 140cpu65160s_firmware, 140cpu65260_firmware, 140cpu65260c_firmware, 140cpu65860_firmware, 140cpu65860c_firmware	8.8