Product:

Bmxnor0200h_firmware

(Schneider\-Electric)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 14
Date Id Summary Products Score Patch Annotated
2022-02-04 CVE-2020-7534 A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists on the web server used, that could cause a leak of sensitive data or unauthorized actions on the web server during the time the user is logged in. Affected Products: Modicon M340 CPUs: BMXP34 (All Versions), Modicon Quantum CPUs with integrated Ethernet (Copro): 140CPU65 (All Versions), Modicon Premium CPUs with integrated Ethernet (Copro): TSXP57 (All Versions), Modicon M340 ethernet modules: (BMXNOC0401, BMXNOE01,... 140cpu65_firmware, 140noc78000_firmware, 140noe77111_firmware, Bmxnoc0401_firmware, Bmxnoe01_firmware, Bmxnor0200h_firmware, Modicon_m340_bmxp342020_firmware, Tsxety4103_firmware, Tsxety5103_firmware, Tsxp57_firmware 8.8
2019-09-17 CVE-2019-6810 CWE-284: Improper Access Control vulnerability exists in BMXNOR0200H Ethernet / Serial RTU module (all firmware versions), which could cause the execution of commands by unauthorized users when using IEC 60870-5-104 protocol. Bmxnor0200h_firmware 8.8
2019-09-17 CVE-2019-6831 A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in BMXNOR0200H Ethernet / Serial RTU module (all firmware versions), which could cause disconnection of active connections when an unusually high number of IEC 60870- 5-104 packets are received by the module on port 2404/TCP. Bmxnor0200h_firmware 8.6
2019-09-17 CVE-2019-6813 A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in BMXNOR0200H Ethernet / Serial RTU module (all firmware versions) and Modicon M340 controller (all firmware versions), which could cause denial of service when truncated SNMP packets on port 161/UDP are received by the device. Bmxnor0200h_firmware, Modicon_m340_firmware 7.5