Note:
This project will be discontinued after December 13, 2021. [more]
Product:
140cpu65_firmware
(Schneider\-Electric)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 2 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-02-04 | CVE-2020-7534 | A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists on the web server used, that could cause a leak of sensitive data or unauthorized actions on the web server during the time the user is logged in. Affected Products: Modicon M340 CPUs: BMXP34 (All Versions), Modicon Quantum CPUs with integrated Ethernet (Copro): 140CPU65 (All Versions), Modicon Premium CPUs with integrated Ethernet (Copro): TSXP57 (All Versions), Modicon M340 ethernet modules: (BMXNOC0401, BMXNOE01,... | 140cpu65_firmware, 140noc78000_firmware, 140noe77111_firmware, Bmxnoc0401_firmware, Bmxnoe01_firmware, Bmxnor0200h_firmware, Modicon_m340_bmxp342020_firmware, Tsxety4103_firmware, Tsxety5103_firmware, Tsxp57_firmware | 8.8 | ||
| 2023-04-19 | CVE-2023-25620 | A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause denial of service of the controller when a malicious project file is loaded onto the controller by an authenticated user. | 140cpu65_firmware, Bmeh58s_firmware, Bmep58s_firmware, Modicon_m340_firmware, Modicon_m580_firmware, Modicon_mc80_firmware, Modicon_momentum_unity_m1e_processor_firmware, Tsxp57_firmware | 6.5 |