Product:

Bmxnoe0110_firmware

(Schneider\-Electric)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 14
Date Id Summary Products Score Patch Annotated
2024-06-12 CVE-2024-5056 CWE-552: Files or Directories Accessible to External Parties vulnerability exists which may prevent user to update the device firmware and prevent proper behavior of the webserver when specific files or directories are removed from the filesystem. Bmxnoe0100_firmware, Bmxnoe0110_firmware, Modicon_m340_firmware 6.5
2019-03-21 CVE-2015-6461 Remote file inclusion allows an attacker to craft a specific URL referencing the Schneider Electric Modicon BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, or BMXP342030H PLC web server, which, when launched, will result in the browser redirecting to a remote file via a Java script loaded with the web page. Bmxnoc0401_firmware, Bmxnoe0100_firmware, Bmxnoe0110_firmware, Bmxnoe0110h_firmware, Bmxnor0200h_firmware, Modicon_m340_bmxp342020_firmware, Modicon_m340_bmxp342020h_firmware, Modicon_m340_bmxp3420302_firmware, Modicon_m340_bmxp3420302h_firmware, Modicon_m340_bmxp342030_firmware, Modicon_m340_bmxp342030h_firmware 5.4
2017-06-30 CVE-2017-6017 A Resource Exhaustion issue was discovered in Schneider Electric Modicon M340 PLC BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP341000, BMXP342000, BMXP3420102, BMXP3420102CL, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, and BMXP342030H. A remote attacker could send a specially crafted set of packets to the PLC causing it to freeze, requiring the operator to physically press the reset button on the PLC in order to recover. Bmxnoc0401_firmware, Bmxnoe0100_firmware, Bmxnoe0110_firmware, Bmxnoe0110h_firmware, Bmxnor0200h_firmware, Modicon_m340_bmxp341000_firmware, Modicon_m340_bmxp342000_firmware, Modicon_m340_bmxp3420102_firmware, Modicon_m340_bmxp3420102cl_firmware, Modicon_m340_bmxp342020_firmware, Modicon_m340_bmxp342020h_firmware, Modicon_m340_bmxp3420302_firmware, Modicon_m340_bmxp3420302h_firmware, Modicon_m340_bmxp342030_firmware, Modicon_m340_bmxp342030h_firmware 7.5
2019-03-21 CVE-2015-6462 Reflected Cross-Site Scripting (nonpersistent) allows an attacker to craft a specific URL, which contains Java script that will be executed on the Schneider Electric Modicon BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, or BMXP342030H PLC client browser. Bmxnoc0401_firmware, Bmxnoe0100_firmware, Bmxnoe0110_firmware, Bmxnoe0110h_firmware, Bmxnor0200h_firmware, Modicon_m340_bmxp342020_firmware, Modicon_m340_bmxp342020h_firmware, Modicon_m340_bmxp3420302_firmware, Modicon_m340_bmxp3420302h_firmware, Modicon_m340_bmxp342030_firmware, Modicon_m340_bmxp342030h_firmware 5.4