Search

Find a vulnerability

Search criteria

    16 vulnerabilities found for BMXNOR0200H by Schneider Electric

    VAR-201410-1134

    Vulnerability from variot - Updated: 2025-08-26 23:21

    Directory traversal vulnerability in SchneiderWEB on Schneider Electric Modicon PLC Ethernet modules 140CPU65x Exec before 5.5, 140NOC78x Exec before 1.62, 140NOE77x Exec before 6.2, BMXNOC0401 before 2.05, BMXNOE0100 before 2.9, BMXNOE0110x Exec before 6.0, TSXETC101 Exec before 2.04, TSXETY4103x Exec before 5.7, TSXETY5103x Exec before 5.9, TSXP57x ETYPort Exec before 5.7, and TSXP57x Ethernet Copro Exec before 5.5 allows remote attackers to visit arbitrary resources via a crafted HTTP request. Schneider Electric provides products and services in the areas of energy and infrastructure, industry, data centers and networks, buildings and residential. Exploiting this issue can allow an attacker to gain access to arbitrary files. Information harvested may aid in launching further attacks. Schneider Electric Modicon PLC Ethernet is an Ethernet programmable controller produced by French Schneider Electric (Schneider Electric). The following versions are affected: Schneider Electric Modicon PLC Ethernet modules 140CPU65x Version, 140NOC78x Version, 140NOE77x Version, BMXNOC0401 Version, BMXNOC0402 Version, BMXNOE0100 Version, BMXNOE0110x Version, TSXETC101 Version, TSXETC0101 Version, TSXETY4103x Version, TSXETY5103x Version, TSXP57x Version, TSXP57x Version

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201410-1134",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "tsxp574823m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp572634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxety5103c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxety110ws",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "171ccc96020c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp574823mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420302h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxety5103",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342020h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "stbnic2212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "171ccc98030",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxetz410",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342030h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "171ccc96030c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp574634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxety4103",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxnoe0110h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxety110wsc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp573634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m580 bmxnoc0402",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxetz510",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "stbnip2212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "171ccc98020",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxwmy100c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxetc0101",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxntp100",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342020",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxnoe0110",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxnoc0401",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxwmy100",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxnoe0100",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp574823am",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp573623mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxetc100",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342030",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxety4103c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp576634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxnor0200h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "171ccc96030",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp575634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "171ccc96020",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp571634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420302",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon plc ethernet communication module",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "140cpu65x exec 5.5"
          },
          {
            "model": "modicon plc ethernet communication module",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "140noc78x exec 1.62"
          },
          {
            "model": "modicon plc ethernet communication module",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "140noe77x exec 6.2"
          },
          {
            "model": "modicon plc ethernet communication module",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "bmxnoc0401 2.05"
          },
          {
            "model": "modicon plc ethernet communication module",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "bmxnoe0100 2.9"
          },
          {
            "model": "modicon plc ethernet communication module",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "bmxnoe0110x exec 6.0"
          },
          {
            "model": "modicon plc ethernet communication module",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "tsxetc101 exec 2.04"
          },
          {
            "model": "modicon plc ethernet communication module",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "tsxety4103x exec 5.7"
          },
          {
            "model": "modicon plc ethernet communication module",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "tsxety5103x exec 5.9"
          },
          {
            "model": "modicon plc ethernet communication module",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "tsxp57x ethernet copro exec 5.5"
          },
          {
            "model": "modicon plc ethernet communication module",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "tsxp57x etyport exec 5.7"
          },
          {
            "model": "electric modicon plc ethernet module",
            "scope": null,
            "trust": 0.6,
            "vendor": "schneider",
            "version": null
          },
          {
            "model": "modicon plc ethernet module",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider electric",
            "version": "bmxp3420302h"
          },
          {
            "model": "modicon plc ethernet module",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider electric",
            "version": "bmxp342030h"
          },
          {
            "model": "modicon plc ethernet module",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider electric",
            "version": "tsxp573634m"
          },
          {
            "model": "modicon plc ethernet module",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider electric",
            "version": "140cpu65160"
          },
          {
            "model": "modicon plc ethernet module",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider electric",
            "version": "tsxp572623mc"
          },
          {
            "model": "modicon plc ethernet module",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider electric",
            "version": "tsxp572623m"
          },
          {
            "model": "modicon plc ethernet module",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider electric",
            "version": "140cpu65150"
          },
          {
            "model": "modicon plc ethernet module",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider electric",
            "version": "171ccc96020"
          },
          {
            "model": "modicon plc ethernet module",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider electric",
            "version": "140cpu65260"
          },
          {
            "model": "modicon plc ethernet module",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider electric",
            "version": "171ccc96020c"
          },
          {
            "model": "tsxwmy100",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "tsxwmy10",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "tsxp576634",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "tsxp575634",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "tsxp574823m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "tsxp574823a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "tsxp574823",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "tsxp574634",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "tsxp573634",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "tsxp573623m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "tsxp573623a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "tsxp573623",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "tsxp572823m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "tsxp572823",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "tsxp572634",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "tsxp572623mc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "tsxp572623m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "tsxp571634m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "tsxntp100",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "tsxetz510",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "tsxetz410",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "tsxety5103c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "tsxety5103",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "tsxety4103c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "tsxety4103",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "tsxety110wsc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "tsxety110ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "tsxetc100",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "tsxetc0101",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "bmxprmxxxx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "bmxp342030h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "bmxp3420302h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "bmxp342030",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "bmxp342020h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "bmxp342020",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "bmxnor0200h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "bmxnoe0110h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "bmxnoe0110",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "bmxnoe0100",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "bmxnoc0402",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "bmxnoc0401",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "bmx noe",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "01100"
          },
          {
            "model": "171ccc98030",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "171ccc98020",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "171ccc96030c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "171ccc96030",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "171ccc96020c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "171ccc96020",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "170ent11002",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "170ent11001",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "140nwm10000",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "140noe77111c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "140noe77111",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "140noe77110",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "140noe77101c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "140noe77101",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "140noe77100",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "140noc78100",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "140noc78000",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "140noc77100",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "140cpu65260",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "140cpu65160",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "140cpu65150",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "bmxnor0200h",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "140cpu65150",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "140cpu65160",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "140cpu65260",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "140noc77100",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "140noc78000",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "140noe77100",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "140noe77101",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "140noe77101c",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "140noe77110",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "140noe77111",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "140noe77111c",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "140nwm10000",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "170ent11001",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "170ent11002",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "170ent11002c",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "171ccc96020",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "171ccc96020c",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "171ccc96030",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "171ccc96030c",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "171ccc98020",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "171ccc98030",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "bmxnoc0401",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "bmxnoc0402",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "bmxnoe0100",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "bmxnoe0110",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "bmxnoe0110h",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "bmxp342020",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "bmxp342020h",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "bmxp342030",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "bmxp342030h",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "bmxp3420302",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "bmxp3420302h",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "bmxprmxxxx",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "stbnic2212",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "stbnip2212",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "tsxetc100",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "tsxetc0101",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "tsxety110ws",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "tsxety110wsc",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "tsxety4103",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "tsxety4103c",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "tsxety5103",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "tsxety5103c",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "tsxetz410",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "tsxetz510",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "tsxntp100",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "tsxp571634m",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "tsxp572623m",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "tsxp572623mc",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "tsxp572823m",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "tsxp572823mc",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "tsxp573623am",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "tsxp573623m",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "tsxp573623mc",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "tsxp573634m",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "tsxp574634m",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "tsxp574823am",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "tsxp574823m",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "tsxp574823mc",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "tsxp575634m",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "tsxp576634m",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "tsxwmy100",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          },
          {
            "model": "tsxwmy100c",
            "scope": null,
            "trust": 0.2,
            "vendor": "modicon plc ethernet module",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "cce5fe38-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-06695"
          },
          {
            "db": "BID",
            "id": "70193"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004531"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-075"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-0754"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/h:schneider_electric:modicon_plc_ethernet_module",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004531"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Billy Rios",
        "sources": [
          {
            "db": "BID",
            "id": "70193"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2014-0754",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "ics-cert@hq.dhs.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2014-0754",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 2.8,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2014-06695",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "cce5fe38-2351-11e6-abef-000c29c66e3d",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-68247",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "ics-cert@hq.dhs.gov",
                "id": "CVE-2014-0754",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2014-0754",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2014-0754",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2014-06695",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201410-075",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "cce5fe38-2351-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-68247",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "cce5fe38-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-06695"
          },
          {
            "db": "VULHUB",
            "id": "VHN-68247"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004531"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-075"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-0754"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-0754"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Directory traversal vulnerability in SchneiderWEB on Schneider Electric Modicon PLC Ethernet modules 140CPU65x Exec before 5.5, 140NOC78x Exec before 1.62, 140NOE77x Exec before 6.2, BMXNOC0401 before 2.05, BMXNOE0100 before 2.9, BMXNOE0110x Exec before 6.0, TSXETC101 Exec before 2.04, TSXETY4103x Exec before 5.7, TSXETY5103x Exec before 5.9, TSXP57x ETYPort Exec before 5.7, and TSXP57x Ethernet Copro Exec before 5.5 allows remote attackers to visit arbitrary resources via a crafted HTTP request. Schneider Electric provides products and services in the areas of energy and infrastructure, industry, data centers and networks, buildings and residential. \nExploiting this issue can allow an attacker to gain access to arbitrary  files. Information harvested may aid in launching further attacks. Schneider Electric Modicon PLC Ethernet is an Ethernet programmable controller produced by French Schneider Electric (Schneider Electric). The following versions are affected: Schneider Electric Modicon PLC Ethernet modules 140CPU65x Version, 140NOC78x Version, 140NOE77x Version, BMXNOC0401 Version, BMXNOC0402 Version, BMXNOE0100 Version, BMXNOE0110x Version, TSXETC101 Version, TSXETC0101 Version, TSXETY4103x Version, TSXETY5103x Version, TSXP57x Version, TSXP57x Version",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2014-0754"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004531"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-06695"
          },
          {
            "db": "BID",
            "id": "70193"
          },
          {
            "db": "IVD",
            "id": "cce5fe38-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "VULHUB",
            "id": "VHN-68247"
          }
        ],
        "trust": 2.7
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2014-0754",
            "trust": 3.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-14-273-01",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "70193",
            "trust": 2.6
          },
          {
            "db": "SCHNEIDER",
            "id": "SEVD-2014-260-01",
            "trust": 2.0
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-075",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-06695",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004531",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "CCE5FE38-2351-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-68247",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "cce5fe38-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-06695"
          },
          {
            "db": "VULHUB",
            "id": "VHN-68247"
          },
          {
            "db": "BID",
            "id": "70193"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004531"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-075"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-0754"
          }
        ]
      },
      "id": "VAR-201410-1134",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "cce5fe38-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-06695"
          },
          {
            "db": "VULHUB",
            "id": "VHN-68247"
          }
        ],
        "trust": 1.691666675
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "cce5fe38-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-06695"
          }
        ]
      },
      "last_update_date": "2025-08-26T23:21:37.378000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Modicon PLC Ethernet Communication Modules",
            "trust": 0.8,
            "url": "http://download.schneider-electric.com/files?p_Reference=SEVD-2014-260-01\u0026p_EnDocType=Software%20-%20Updates\u0026p_File_Id=608959359\u0026p_File_Name=SEVD-2014-260-01.pdf"
          },
          {
            "title": "Patches for multiple Schneider Electric product catalog traversal vulnerabilities",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/50841"
          },
          {
            "title": "BMXNOE0100+Exec",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54170"
          },
          {
            "title": "BMXNOE0110+Web+and+Exec",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54171"
          },
          {
            "title": "140NOE77101+Exec+For+Unity+Users",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54184"
          },
          {
            "title": "140NOE77101+Exec+For+Non+Unity+Users",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54183"
          },
          {
            "title": "140NOE77111+Exec+For+Unity+and+Non+Unity+Users",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54185"
          },
          {
            "title": "140CPU65260+Quantum+Copro+Exec",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54180"
          },
          {
            "title": "140CPU65160+Quantum+Copro+Exec",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54179"
          },
          {
            "title": "140CPU65150+Quantum+CoPro+Exec",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54178"
          },
          {
            "title": "140NOC78000+Exec",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54181"
          },
          {
            "title": "TSXP575634M+Premium+Copro+Exec",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54176"
          },
          {
            "title": "TSXP574634M+Premium+Copro+Exec",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54175"
          },
          {
            "title": "TSXP576634M+Premium+Copro+Exec",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54177"
          },
          {
            "title": "TSXETC101+Exec",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54172"
          },
          {
            "title": "140NOC78100+Exec",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54182"
          },
          {
            "title": "TSXP573634M+ETY+Port+Exec",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54188"
          },
          {
            "title": "TSXP572634M+ETY+Port+Exec",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54187"
          },
          {
            "title": "TSXETY5103+Exec",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54174"
          },
          {
            "title": "TSXP571634M+ETY+Port+Exec",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54186"
          },
          {
            "title": "TSXETY4103+Exec",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54173"
          },
          {
            "title": "BMXNOC0401+Exec",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54169"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-06695"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004531"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-075"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-22",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-68247"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004531"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-0754"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.4,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-14-273-01"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/70193"
          },
          {
            "trust": 1.6,
            "url": "http://download.schneider-electric.com/files?p_reference=sevd-2014-260-01\u0026p_endoctype=software%20-%20updates\u0026p_file_id=608959359\u0026p_file_name=sevd-2014-260-01.pdf"
          },
          {
            "trust": 1.3,
            "url": "https://download.schneider-electric.com/files?p_doc_ref=sevd-2014-260-01"
          },
          {
            "trust": 1.0,
            "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-273-01"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0754"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0754"
          },
          {
            "trust": 0.3,
            "url": "http://www.schneider-electric.com/site/home/index.cfm/ww/?selectcountry=true"
          },
          {
            "trust": 0.1,
            "url": "http://download.schneider-electric.com/files?p_reference=sevd-2014-260-01\u0026amp;p_endoctype=software%20-%20updates\u0026amp;p_file_id=608959359\u0026amp;p_file_name=sevd-2014-260-01.pdf"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-06695"
          },
          {
            "db": "VULHUB",
            "id": "VHN-68247"
          },
          {
            "db": "BID",
            "id": "70193"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004531"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-075"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-0754"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "cce5fe38-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-06695"
          },
          {
            "db": "VULHUB",
            "id": "VHN-68247"
          },
          {
            "db": "BID",
            "id": "70193"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004531"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-075"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-0754"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-10-14T00:00:00",
            "db": "IVD",
            "id": "cce5fe38-2351-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2014-10-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-06695"
          },
          {
            "date": "2014-10-03T00:00:00",
            "db": "VULHUB",
            "id": "VHN-68247"
          },
          {
            "date": "2014-09-30T00:00:00",
            "db": "BID",
            "id": "70193"
          },
          {
            "date": "2014-10-07T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-004531"
          },
          {
            "date": "2014-10-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201410-075"
          },
          {
            "date": "2014-10-03T18:55:06.017000",
            "db": "NVD",
            "id": "CVE-2014-0754"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-10-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-06695"
          },
          {
            "date": "2016-04-04T00:00:00",
            "db": "VULHUB",
            "id": "VHN-68247"
          },
          {
            "date": "2014-09-30T00:00:00",
            "db": "BID",
            "id": "70193"
          },
          {
            "date": "2014-10-07T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-004531"
          },
          {
            "date": "2022-02-11T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201410-075"
          },
          {
            "date": "2025-08-26T00:15:30.757000",
            "db": "NVD",
            "id": "CVE-2014-0754"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-075"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Schneider Electric Modicon PLC Ethernet Module  SchneiderWEB Vulnerable to directory traversal",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004531"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Path traversal",
        "sources": [
          {
            "db": "IVD",
            "id": "cce5fe38-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-075"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201706-0453

    Vulnerability from variot - Updated: 2025-04-20 23:32

    A Resource Exhaustion issue was discovered in Schneider Electric Modicon M340 PLC BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP341000, BMXP342000, BMXP3420102, BMXP3420102CL, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, and BMXP342030H. A remote attacker could send a specially crafted set of packets to the PLC causing it to freeze, requiring the operator to physically press the reset button on the PLC in order to recover. SchneiderElectricModiconM340PLC is a programmable controller product from Schneider Electric, France. A denial of service vulnerability exists in SchneiderElectricModiconM340PLC. A remote attacker could exploit this vulnerability to make the device unresponsive, resulting in a denial of service. The following versions are affected: Modicon M340 PLC BMXNOC0401 ; BMXNOE0100 ; BMXNOE0110 ; BMXNOE0110H ; BMXNOR0200H ; BMXP341000 ; BMXP342000 ; BMXP3420102 ; BMXP3420102CL ; BMXP342020 ; BMXP342020H ; BMXP342030 ; BMXP3420302 ; BMXP3420302H ; BMXP342030H

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201706-0453",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "modicon m340 bmxp341000",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": "2.8"
          },
          {
            "model": "modicon m340 bmxp342020h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": "2.8"
          },
          {
            "model": "bmxnoe0100",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": "2.8"
          },
          {
            "model": "modicon m340 bmxp342030h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": "2.8"
          },
          {
            "model": "bmxnoc0401",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": "2.8"
          },
          {
            "model": "bmxnoe0110h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": "2.8"
          },
          {
            "model": "bmxnoe0110",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": "2.8"
          },
          {
            "model": "modicon m340 bmxp3420102",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": "2.8"
          },
          {
            "model": "modicon m340 bmxp342000",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": "2.8"
          },
          {
            "model": "modicon m340 bmxp342020",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": "2.8"
          },
          {
            "model": "modicon m340 bmxp3420302h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": "2.8"
          },
          {
            "model": "modicon m340 bmxp342030",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": "2.8"
          },
          {
            "model": "modicon m340 bmxp3420302",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": "2.8"
          },
          {
            "model": "modicon m340 bmxp3420102cl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": "2.8"
          },
          {
            "model": "bmxnor0200h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": "2.8"
          },
          {
            "model": "modicon m340 plc",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "electric modicon m340 plc",
            "scope": null,
            "trust": 0.6,
            "vendor": "schneider",
            "version": null
          },
          {
            "model": "bmxp342020",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider electric",
            "version": "2.8"
          },
          {
            "model": "bmxp3420102cl",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider electric",
            "version": "2.8"
          },
          {
            "model": "bmxp342000",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider electric",
            "version": "2.8"
          },
          {
            "model": "bmxp3420302",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider electric",
            "version": "2.8"
          },
          {
            "model": "bmxp3420302h",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider electric",
            "version": "2.8"
          },
          {
            "model": "m340 plc",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider electric",
            "version": "2.8"
          },
          {
            "model": "bmxp342020h",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider electric",
            "version": "2.8"
          },
          {
            "model": "bmxp342030",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider electric",
            "version": "2.8"
          },
          {
            "model": "bmxp342030h",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider electric",
            "version": "2.8"
          },
          {
            "model": "bmxp3420102",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider electric",
            "version": "2.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxnoc0401",
            "version": "2.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp342020",
            "version": "2.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp342020h",
            "version": "2.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp342030",
            "version": "2.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp3420302",
            "version": "2.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp3420302h",
            "version": "2.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp342030h",
            "version": "2.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxnoe0100",
            "version": "2.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxnoe0110",
            "version": "2.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxnoe0110h",
            "version": "2.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxnor0200h",
            "version": "2.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp341000",
            "version": "2.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp342000",
            "version": "2.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp3420102",
            "version": "2.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp3420102cl",
            "version": "2.8"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "42f18207-58b3-4f72-aee4-b1b10da6e76d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-03144"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005159"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-595"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-6017"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:m340_plc_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005159"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Luis Francisco Martin Liras.",
        "sources": [
          {
            "db": "BID",
            "id": "96414"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2017-6017",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2017-6017",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2017-03144",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "42f18207-58b3-4f72-aee4-b1b10da6e76d",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "VHN-114220",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2017-6017",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-6017",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-6017",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-03144",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201702-595",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "42f18207-58b3-4f72-aee4-b1b10da6e76d",
                "trust": 0.2,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-114220",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "42f18207-58b3-4f72-aee4-b1b10da6e76d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-03144"
          },
          {
            "db": "VULHUB",
            "id": "VHN-114220"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005159"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-595"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-6017"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A Resource Exhaustion issue was discovered in Schneider Electric Modicon M340 PLC BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP341000, BMXP342000, BMXP3420102, BMXP3420102CL, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, and BMXP342030H. A remote attacker could send a specially crafted set of packets to the PLC causing it to freeze, requiring the operator to physically press the reset button on the PLC in order to recover. SchneiderElectricModiconM340PLC is a programmable controller product from Schneider Electric, France. A denial of service vulnerability exists in SchneiderElectricModiconM340PLC. A remote attacker could exploit this vulnerability to make the device unresponsive, resulting in a denial of service. The following versions are affected: Modicon M340 PLC BMXNOC0401 ; BMXNOE0100 ; BMXNOE0110 ; BMXNOE0110H ; BMXNOR0200H ; BMXP341000 ; BMXP342000 ; BMXP3420102 ; BMXP3420102CL ; BMXP342020 ; BMXP342020H ; BMXP342030 ; BMXP3420302 ; BMXP3420302H ; BMXP342030H ",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-6017"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005159"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-03144"
          },
          {
            "db": "BID",
            "id": "96414"
          },
          {
            "db": "IVD",
            "id": "42f18207-58b3-4f72-aee4-b1b10da6e76d"
          },
          {
            "db": "VULHUB",
            "id": "VHN-114220"
          }
        ],
        "trust": 2.7
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-6017",
            "trust": 3.6
          },
          {
            "db": "BID",
            "id": "96414",
            "trust": 2.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-054-03",
            "trust": 2.5
          },
          {
            "db": "SCHNEIDER",
            "id": "SEVD-2017-048-02",
            "trust": 1.1
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-595",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-03144",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005159",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "42F18207-58B3-4F72-AEE4-B1B10DA6E76D",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-114220",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "42f18207-58b3-4f72-aee4-b1b10da6e76d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-03144"
          },
          {
            "db": "VULHUB",
            "id": "VHN-114220"
          },
          {
            "db": "BID",
            "id": "96414"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005159"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-595"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-6017"
          }
        ]
      },
      "id": "VAR-201706-0453",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "42f18207-58b3-4f72-aee4-b1b10da6e76d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-03144"
          },
          {
            "db": "VULHUB",
            "id": "VHN-114220"
          }
        ],
        "trust": 1.9
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS",
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          },
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "42f18207-58b3-4f72-aee4-b1b10da6e76d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-03144"
          }
        ]
      },
      "last_update_date": "2025-04-20T23:32:12.076000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Modicon M340",
            "trust": 0.8,
            "url": "http://www.schneider-electric.com/en/product-range/1468-modicon-m340"
          },
          {
            "title": "SchneiderElectricModiconM340PLC denial of service vulnerability patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/90690"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-03144"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005159"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-400",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-114220"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005159"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-6017"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-054-03"
          },
          {
            "trust": 2.3,
            "url": "http://www.securityfocus.com/bid/96414"
          },
          {
            "trust": 1.1,
            "url": "https://www.schneider-electric.com/en/download/document/sevd-2017-048-02/"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6017"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-6017"
          },
          {
            "trust": 0.3,
            "url": "http://www.schneider-electric.com/site/home/index.cfm/ww/?selectcountry=true"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-03144"
          },
          {
            "db": "VULHUB",
            "id": "VHN-114220"
          },
          {
            "db": "BID",
            "id": "96414"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005159"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-595"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-6017"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "42f18207-58b3-4f72-aee4-b1b10da6e76d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-03144"
          },
          {
            "db": "VULHUB",
            "id": "VHN-114220"
          },
          {
            "db": "BID",
            "id": "96414"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005159"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-595"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-6017"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-03-23T00:00:00",
            "db": "IVD",
            "id": "42f18207-58b3-4f72-aee4-b1b10da6e76d"
          },
          {
            "date": "2017-03-23T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-03144"
          },
          {
            "date": "2017-06-30T00:00:00",
            "db": "VULHUB",
            "id": "VHN-114220"
          },
          {
            "date": "2017-02-23T00:00:00",
            "db": "BID",
            "id": "96414"
          },
          {
            "date": "2017-07-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-005159"
          },
          {
            "date": "2017-02-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201702-595"
          },
          {
            "date": "2017-06-30T03:29:00.233000",
            "db": "NVD",
            "id": "CVE-2017-6017"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-03-23T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-03144"
          },
          {
            "date": "2018-12-24T00:00:00",
            "db": "VULHUB",
            "id": "VHN-114220"
          },
          {
            "date": "2017-03-07T03:09:00",
            "db": "BID",
            "id": "96414"
          },
          {
            "date": "2017-07-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-005159"
          },
          {
            "date": "2017-07-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201702-595"
          },
          {
            "date": "2025-04-20T01:37:25.860000",
            "db": "NVD",
            "id": "CVE-2017-6017"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-595"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Schneider Electric Modicon M340 PLC Denial of service vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "42f18207-58b3-4f72-aee4-b1b10da6e76d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-03144"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "lack of information",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-595"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201512-0029

    Vulnerability from variot - Updated: 2025-04-13 23:09

    Stack-based buffer overflow in the GoAhead Web Server on Schneider Electric Modicon M340 PLC BMXNOx and BMXPx devices allows remote attackers to execute arbitrary code via a long password in HTTP Basic Authentication data. Schneider Electric Modicon M340 PLC BMXNOx and BMXPx are programmable controller products from Schneider Electric, France. GoAhead Web Server is one of the embedded web servers. Schneider Electric Modicon M340 is prone to an unspecified stack-based buffer-overflow vulnerability. Failed exploit attempts may crash the application, denying service to legitimate users

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201512-0029",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "bmxnoe0110",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnoe0100",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnor0200h",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnoc0401",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnoe0100h",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnor0200",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnoe0110h",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420302h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxpra0100",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420302",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342020h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342030",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342020",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnoc0401",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnoe0100",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnoe0100h",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnoe0110",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnoe0110h",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnor0200",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnor0200h",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxp342020",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxp342020h",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxp342030",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxp3420302",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxp3420302h",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxpra0100",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "electric modicon m340",
            "scope": null,
            "trust": 0.6,
            "vendor": "schneider",
            "version": null
          },
          {
            "model": "bmxp342020h",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxp342030",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxp342020",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxpra0100",
            "scope": null,
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420302h",
            "scope": null,
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420302",
            "scope": null,
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342030",
            "scope": null,
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342020h",
            "scope": null,
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342020",
            "scope": null,
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxnor0200h",
            "scope": null,
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxnor0200",
            "scope": null,
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxnoe0110h",
            "scope": null,
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxnoe0110",
            "scope": null,
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxnoe0100h",
            "scope": null,
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxnoe0100",
            "scope": null,
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxnoc0401",
            "scope": null,
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxnoc0401",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxnoe0100",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxnoe0100h",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxnoe0110",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxnoe0110h",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxnor0200",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxnor0200h",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp342020",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp342020h",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp342030",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp3420302",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp3420302h",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxpra0100",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "6d82e7a8-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-08446"
          },
          {
            "db": "BID",
            "id": "79622"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006488"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201512-542"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-7937"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/h:schneider_electric:bmxnoc0401",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:schneider_electric:bmxnoe0100",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:schneider_electric:bmxnoe0100h",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:schneider_electric:bmxnoe0110",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:schneider_electric:bmxnoe0110h",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:schneider_electric:bmxnor0200",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:schneider_electric:bmxnor0200h",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:schneider_electric:bmxp342020",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:schneider_electric:bmxp342020h",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:schneider_electric:bmxp342030",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:schneider_electric:bmxp3420302",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:schneider_electric:bmxp3420302h",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:schneider_electric:bmxpra0100",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006488"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Nir Giller",
        "sources": [
          {
            "db": "BID",
            "id": "79622"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201512-542"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2015-7937",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2015-7937",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2015-08446",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "6d82e7a8-2351-11e6-abef-000c29c66e3d",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-85898",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2015-7937",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2015-7937",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2015-08446",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201512-542",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "6d82e7a8-2351-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-85898",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "6d82e7a8-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-08446"
          },
          {
            "db": "VULHUB",
            "id": "VHN-85898"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006488"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201512-542"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-7937"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Stack-based buffer overflow in the GoAhead Web Server on Schneider Electric Modicon M340 PLC BMXNOx and BMXPx devices allows remote attackers to execute arbitrary code via a long password in HTTP Basic Authentication data. Schneider Electric Modicon M340 PLC BMXNOx and BMXPx are programmable controller products from Schneider Electric, France. GoAhead Web Server is one of the embedded web servers. Schneider Electric Modicon M340 is prone to an unspecified stack-based buffer-overflow vulnerability. Failed exploit attempts may crash the application, denying service to legitimate users",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2015-7937"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006488"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-08446"
          },
          {
            "db": "BID",
            "id": "79622"
          },
          {
            "db": "IVD",
            "id": "6d82e7a8-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "VULHUB",
            "id": "VHN-85898"
          }
        ],
        "trust": 2.7
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2015-7937",
            "trust": 3.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-15-351-01",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "79622",
            "trust": 2.6
          },
          {
            "db": "SCHNEIDER",
            "id": "SEVD-2015-344-01",
            "trust": 1.7
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201512-542",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-08446",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006488",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "6D82E7A8-2351-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-85898",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "6d82e7a8-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-08446"
          },
          {
            "db": "VULHUB",
            "id": "VHN-85898"
          },
          {
            "db": "BID",
            "id": "79622"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006488"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201512-542"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-7937"
          }
        ]
      },
      "id": "VAR-201512-0029",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "6d82e7a8-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-08446"
          },
          {
            "db": "VULHUB",
            "id": "VHN-85898"
          }
        ],
        "trust": 1.6454545666666667
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "6d82e7a8-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-08446"
          }
        ]
      },
      "last_update_date": "2025-04-13T23:09:43.825000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "SEVD-2015-344-01",
            "trust": 0.8,
            "url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-344-01"
          },
          {
            "title": "Schneider Electric Modicon M340 PLC BMXNOx and BMXPx Stack Buffer Overflow Vulnerability Patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/68892"
          },
          {
            "title": "Schneider Electric Modicon M340 PLC BMXNOx  and BMXPx Fixes for stack-based buffer overflow vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59311"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2015-08446"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006488"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201512-542"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-85898"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006488"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-7937"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.4,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-15-351-01"
          },
          {
            "trust": 2.3,
            "url": "http://www.securityfocus.com/bid/79622"
          },
          {
            "trust": 1.7,
            "url": "http://download.schneider-electric.com/files?p_doc_ref=sevd-2015-344-01"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7937"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7937"
          },
          {
            "trust": 0.3,
            "url": "http://www.schneider-electric.com/en/all-products"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2015-08446"
          },
          {
            "db": "VULHUB",
            "id": "VHN-85898"
          },
          {
            "db": "BID",
            "id": "79622"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006488"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201512-542"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-7937"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "6d82e7a8-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-08446"
          },
          {
            "db": "VULHUB",
            "id": "VHN-85898"
          },
          {
            "db": "BID",
            "id": "79622"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006488"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201512-542"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-7937"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2015-12-24T00:00:00",
            "db": "IVD",
            "id": "6d82e7a8-2351-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2015-12-24T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2015-08446"
          },
          {
            "date": "2015-12-21T00:00:00",
            "db": "VULHUB",
            "id": "VHN-85898"
          },
          {
            "date": "2015-12-17T00:00:00",
            "db": "BID",
            "id": "79622"
          },
          {
            "date": "2015-12-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2015-006488"
          },
          {
            "date": "2015-12-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201512-542"
          },
          {
            "date": "2015-12-21T11:59:12.097000",
            "db": "NVD",
            "id": "CVE-2015-7937"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2015-12-24T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2015-08446"
          },
          {
            "date": "2016-11-28T00:00:00",
            "db": "VULHUB",
            "id": "VHN-85898"
          },
          {
            "date": "2015-12-17T00:00:00",
            "db": "BID",
            "id": "79622"
          },
          {
            "date": "2015-12-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2015-006488"
          },
          {
            "date": "2015-12-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201512-542"
          },
          {
            "date": "2025-04-12T10:46:40.837000",
            "db": "NVD",
            "id": "CVE-2015-7937"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201512-542"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Schneider Electric Modicon M340 PLC BMXNOx and  BMXPx Device stack-based buffer overflow vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006488"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer overflow",
        "sources": [
          {
            "db": "IVD",
            "id": "6d82e7a8-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201512-542"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201804-1268

    Vulnerability from variot - Updated: 2024-11-23 22:45

    Hard coded accounts exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules. plural Schneider Electric The product contains a vulnerability related to the use of hard-coded credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Schneider Electric Modicon Premium\Modicon Quantum\Modicon M340\Modicon BMXNOR0200 is a programmable controller product from Schneider Electric, France. A number of Schneider Electric products have a hard-coded certificate vulnerability that stems from the fact that the FTP server contains a hard-coded account that allows an attacker to exploit the vulnerability to perform unauthorized access. Multiple Schneider Electric Modicon products are prone to a remote security vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. The vulnerability stems from the presence of hard-coded accounts in the program

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201804-1268",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "tsxp57554m",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxh5724m",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp573634mc",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57354mc",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp574634mc",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxh5744mc",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp575634mc",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57454mc",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57554mc",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp576634mc",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57154m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57254mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342000",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57204mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57254m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp575634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu31110",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65160",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57104mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp341000h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65860c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57454m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp571634mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp573634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57104m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57304m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57304mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65260",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65150c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57354m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65160s",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65160c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxh5744m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57154mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342020h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp571634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420302h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65260c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65860",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420302cl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnor0200",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnor0200h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu43412uc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu43412u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp574634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420302",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxh5724mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp341000",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342020",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp572634mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420102cl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57204m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp572634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420102",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu31110c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp576634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnor0200",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 pac",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon premium plc",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon quantum plc",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "electric modicon premium",
            "scope": null,
            "trust": 0.6,
            "vendor": "schneider",
            "version": null
          },
          {
            "model": "electric modicon quantum",
            "scope": null,
            "trust": 0.6,
            "vendor": "schneider",
            "version": null
          },
          {
            "model": "electric modicon m340",
            "scope": null,
            "trust": 0.6,
            "vendor": "schneider",
            "version": null
          },
          {
            "model": "electric modicon rtu",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider",
            "version": "x80"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "140cpu65160c",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "tsxh5724m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "tsxh5744mc",
            "version": null
          },
          {
            "model": "modicon quantum",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "modicon premium",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "modicon m340",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "modicon bmxnor0200",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxnor0200",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu65150c",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu31110c",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu43412uc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu65260c",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu65860c",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp341000",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp342000",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp3420102",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxnor0200h",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp3420102cl",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp342020",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp3420302",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp3420302cl",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp3420302h",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp342020h",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp341000h",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxh5744m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57104m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu65150",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57154m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp571634m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57204m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57254m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp572634m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57304m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57354m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp573634m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57454m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp574634m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu31110",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp575634m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp576634m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxh5724mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57104mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57154mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp571634mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57204mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57254mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp572634mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu43412u",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57304mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57354mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp573634mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57454mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp574634mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57554mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp575634mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp576634mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu65160",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57554m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu65260",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu65860",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu65160s",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e9e141-39ab-11e9-89d4-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06520"
          },
          {
            "db": "BID",
            "id": "103542"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004278"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-999"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7241"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/h:schneider_electric:bmxnor0200",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:schneider_electric:modicon_m340",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:schneider_electric:modicon_premium",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:schneider_electric:modicon_quantum_plc",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004278"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Nikita Maximov (Positive Technologies)",
        "sources": [
          {
            "db": "BID",
            "id": "103542"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2018-7241",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2018-7241",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "HIGH",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 6.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 4.9,
                "id": "CNVD-2018-06520",
                "impactScore": 7.8,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "HIGH",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 6.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 4.9,
                "id": "e2e9e141-39ab-11e9-89d4-000c29342cb1",
                "impactScore": 7.8,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:C",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-137273",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2018-7241",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-7241",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2018-7241",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2018-06520",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201803-999",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "e2e9e141-39ab-11e9-89d4-000c29342cb1",
                "trust": 0.2,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-137273",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-7241",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e9e141-39ab-11e9-89d4-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06520"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137273"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-7241"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004278"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-999"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7241"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Hard coded accounts exist in Schneider Electric\u0027s Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules. plural Schneider Electric The product contains a vulnerability related to the use of hard-coded credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Schneider Electric Modicon Premium\\\\Modicon Quantum\\\\Modicon M340\\\\Modicon BMXNOR0200 is a programmable controller product from Schneider Electric, France. A number of Schneider Electric products have a hard-coded certificate vulnerability that stems from the fact that the FTP server contains a hard-coded account that allows an attacker to exploit the vulnerability to perform unauthorized access. Multiple Schneider Electric Modicon products are prone to a remote security vulnerability. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. The vulnerability stems from the presence of hard-coded accounts in the program",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-7241"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004278"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06520"
          },
          {
            "db": "BID",
            "id": "103542"
          },
          {
            "db": "IVD",
            "id": "e2e9e141-39ab-11e9-89d4-000c29342cb1"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137273"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-7241"
          }
        ],
        "trust": 2.79
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-7241",
            "trust": 3.7
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-18-086-01",
            "trust": 3.5
          },
          {
            "db": "SCHNEIDER",
            "id": "SEVD-2018-081-01",
            "trust": 2.1
          },
          {
            "db": "BID",
            "id": "103542",
            "trust": 1.5
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-999",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06520",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004278",
            "trust": 0.8
          },
          {
            "db": "NSFOCUS",
            "id": "39226",
            "trust": 0.6
          },
          {
            "db": "IVD",
            "id": "E2E9E141-39AB-11E9-89D4-000C29342CB1",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-137273",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-7241",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e9e141-39ab-11e9-89d4-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06520"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137273"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-7241"
          },
          {
            "db": "BID",
            "id": "103542"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004278"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-999"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7241"
          }
        ]
      },
      "id": "VAR-201804-1268",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "e2e9e141-39ab-11e9-89d4-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06520"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137273"
          }
        ],
        "trust": 1.7565656666666667
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e9e141-39ab-11e9-89d4-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06520"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:45:23.704000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Notification - Embedded FTP Servers for Modicon",
            "trust": 0.8,
            "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/"
          },
          {
            "title": "Multiple Schneider Electric Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=79469"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004278"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-999"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-798",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-137273"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004278"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7241"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.6,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-086-01"
          },
          {
            "trust": 2.1,
            "url": "https://www.schneider-electric.com/en/download/document/sevd-2018-081-01/"
          },
          {
            "trust": 1.3,
            "url": "http://www.securityfocus.com/bid/103542"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7241"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-7241"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/39226"
          },
          {
            "trust": 0.3,
            "url": "http://www.schneider-electric.com/site/home/index.cfm/ww/?selectcountry=true"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/798.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-06520"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137273"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-7241"
          },
          {
            "db": "BID",
            "id": "103542"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004278"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-999"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7241"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "e2e9e141-39ab-11e9-89d4-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06520"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137273"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-7241"
          },
          {
            "db": "BID",
            "id": "103542"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004278"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-999"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7241"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-03-28T00:00:00",
            "db": "IVD",
            "id": "e2e9e141-39ab-11e9-89d4-000c29342cb1"
          },
          {
            "date": "2018-03-28T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-06520"
          },
          {
            "date": "2018-04-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-137273"
          },
          {
            "date": "2018-04-18T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-7241"
          },
          {
            "date": "2018-03-22T00:00:00",
            "db": "BID",
            "id": "103542"
          },
          {
            "date": "2018-06-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-004278"
          },
          {
            "date": "2018-03-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201803-999"
          },
          {
            "date": "2018-04-18T20:29:00.327000",
            "db": "NVD",
            "id": "CVE-2018-7241"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-03-28T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-06520"
          },
          {
            "date": "2018-12-05T00:00:00",
            "db": "VULHUB",
            "id": "VHN-137273"
          },
          {
            "date": "2018-12-05T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-7241"
          },
          {
            "date": "2018-03-22T00:00:00",
            "db": "BID",
            "id": "103542"
          },
          {
            "date": "2018-07-04T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-004278"
          },
          {
            "date": "2018-05-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201803-999"
          },
          {
            "date": "2024-11-21T04:11:51.557000",
            "db": "NVD",
            "id": "CVE-2018-7241"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-999"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Schneider Electric Vulnerabilities related to the use of hard-coded credentials in products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004278"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "lack of information",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-999"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201804-1269

    Vulnerability from variot - Updated: 2024-11-23 22:45

    Vulnerable hash algorithms exists in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules. The algorithm used to encrypt the password is vulnerable to hash collision attacks. plural Schneider Electric The product contains a vulnerability related to cryptographic strength.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Schneider Electric Modicon Premium\Modicon Quantum\Modicon M340\Modicon BMXNOR0200 is a programmable controller product from Schneider Electric, France. A number of Schneider Electric products have a weak encryption algorithm vulnerability that stems from the fact that the FTP server does not limit the length of the command parameters, which can cause buffer overflows. Multiple Schneider Electric Modicon products are prone to a remote security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201804-1269",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "tsxp57554m",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxh5724m",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp573634mc",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57354mc",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp574634mc",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxh5744mc",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp575634mc",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57454mc",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57554mc",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp576634mc",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57154m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57254mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342000",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57204mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57254m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp575634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu31110",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65160",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57104mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp341000h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65860c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57454m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp571634mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp573634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57104m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57304m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57304mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65260",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65150c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57354m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65160s",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65160c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxh5744m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57154mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342020h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp571634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420302h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65260c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65860",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420302cl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnor0200",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnor0200h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu43412uc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu43412u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp574634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420302",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxh5724mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp341000",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342020",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp572634mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420102cl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57204m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp572634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420102",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu31110c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp576634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnor0200",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 pac",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon premium plc",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon quantum plc",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "electric modicon premium",
            "scope": null,
            "trust": 0.6,
            "vendor": "schneider",
            "version": null
          },
          {
            "model": "electric modicon quantum",
            "scope": null,
            "trust": 0.6,
            "vendor": "schneider",
            "version": null
          },
          {
            "model": "electric modicon m340",
            "scope": null,
            "trust": 0.6,
            "vendor": "schneider",
            "version": null
          },
          {
            "model": "electric modicon rtu",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider",
            "version": "x80"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "140cpu65160c",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "tsxh5724m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "tsxh5744mc",
            "version": null
          },
          {
            "model": "modicon quantum",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "modicon premium",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "modicon m340",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": "modicon bmxnor0200",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxnor0200",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu65150c",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu31110c",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu43412uc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu65260c",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu65860c",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp341000",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp342000",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp3420102",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxnor0200h",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp3420102cl",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp342020",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp3420302",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp3420302cl",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp3420302h",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp342020h",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp341000h",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxh5744m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57104m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu65150",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57154m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp571634m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57204m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57254m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp572634m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57304m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57354m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp573634m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57454m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp574634m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu31110",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp575634m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp576634m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxh5724mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57104mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57154mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp571634mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57204mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57254mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp572634mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu43412u",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57304mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57354mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp573634mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57454mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp574634mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57554mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp575634mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp576634mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu65160",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57554m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu65260",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu65860",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu65160s",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2ea2f5e-39ab-11e9-890e-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06519"
          },
          {
            "db": "BID",
            "id": "103543"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004279"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-1000"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7242"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/h:schneider_electric:bmxnor0200",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:schneider_electric:modicon_m340",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:schneider_electric:modicon_premium",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:schneider_electric:modicon_quantum_plc",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004279"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Nikita Maximov (Positive Technologies)",
        "sources": [
          {
            "db": "BID",
            "id": "103543"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2018-7242",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2018-7242",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "HIGH",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 6.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 4.9,
                "id": "CNVD-2018-06519",
                "impactScore": 7.8,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "HIGH",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 6.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 4.9,
                "id": "e2ea2f5e-39ab-11e9-890e-000c29342cb1",
                "impactScore": 7.8,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:C",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-137274",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2018-7242",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-7242",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2018-7242",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2018-06519",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201803-1000",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "e2ea2f5e-39ab-11e9-890e-000c29342cb1",
                "trust": 0.2,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-137274",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2ea2f5e-39ab-11e9-890e-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06519"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004279"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-1000"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7242"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Vulnerable hash algorithms exists in Schneider Electric\u0027s Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules. The algorithm used to encrypt the password is vulnerable to hash collision attacks. plural Schneider Electric The product contains a vulnerability related to cryptographic strength.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Schneider Electric Modicon Premium\\\\Modicon Quantum\\\\Modicon M340\\\\Modicon BMXNOR0200 is a programmable controller product from Schneider Electric, France. A number of Schneider Electric products have a weak encryption algorithm vulnerability that stems from the fact that the FTP server does not limit the length of the command parameters, which can cause buffer overflows. Multiple Schneider Electric Modicon products are prone to a remote security-bypass vulnerability. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-7242"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004279"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06519"
          },
          {
            "db": "BID",
            "id": "103543"
          },
          {
            "db": "IVD",
            "id": "e2ea2f5e-39ab-11e9-890e-000c29342cb1"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137274"
          }
        ],
        "trust": 2.7
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-7242",
            "trust": 3.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-18-086-01",
            "trust": 3.4
          },
          {
            "db": "SCHNEIDER",
            "id": "SEVD-2018-081-01",
            "trust": 2.0
          },
          {
            "db": "BID",
            "id": "103543",
            "trust": 1.4
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-1000",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06519",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004279",
            "trust": 0.8
          },
          {
            "db": "NSFOCUS",
            "id": "39225",
            "trust": 0.6
          },
          {
            "db": "IVD",
            "id": "E2EA2F5E-39AB-11E9-890E-000C29342CB1",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-137274",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2ea2f5e-39ab-11e9-890e-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06519"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137274"
          },
          {
            "db": "BID",
            "id": "103543"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004279"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-1000"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7242"
          }
        ]
      },
      "id": "VAR-201804-1269",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "e2ea2f5e-39ab-11e9-890e-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06519"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137274"
          }
        ],
        "trust": 1.7565656666666667
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2ea2f5e-39ab-11e9-890e-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06519"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:45:23.622000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Notification - Embedded FTP Servers for Modicon",
            "trust": 0.8,
            "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/"
          },
          {
            "title": "Multiple Schneider Electric Product security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=79470"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004279"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-1000"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-326",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-137274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004279"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7242"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.4,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-086-01"
          },
          {
            "trust": 2.0,
            "url": "https://www.schneider-electric.com/en/download/document/sevd-2018-081-01/"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/bid/103543"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7242"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-7242"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/39225"
          },
          {
            "trust": 0.3,
            "url": "http://www.schneider-electric.com/site/home/index.cfm/ww/?selectcountry=true"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-06519"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137274"
          },
          {
            "db": "BID",
            "id": "103543"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004279"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-1000"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7242"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "e2ea2f5e-39ab-11e9-890e-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06519"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137274"
          },
          {
            "db": "BID",
            "id": "103543"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004279"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-1000"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7242"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-03-28T00:00:00",
            "db": "IVD",
            "id": "e2ea2f5e-39ab-11e9-890e-000c29342cb1"
          },
          {
            "date": "2018-03-28T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-06519"
          },
          {
            "date": "2018-04-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-137274"
          },
          {
            "date": "2018-03-22T00:00:00",
            "db": "BID",
            "id": "103543"
          },
          {
            "date": "2018-06-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-004279"
          },
          {
            "date": "2018-03-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201803-1000"
          },
          {
            "date": "2018-04-18T20:29:00.373000",
            "db": "NVD",
            "id": "CVE-2018-7242"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-03-28T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-06519"
          },
          {
            "date": "2018-12-05T00:00:00",
            "db": "VULHUB",
            "id": "VHN-137274"
          },
          {
            "date": "2018-03-22T00:00:00",
            "db": "BID",
            "id": "103543"
          },
          {
            "date": "2018-07-04T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-004279"
          },
          {
            "date": "2018-05-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201803-1000"
          },
          {
            "date": "2024-11-21T04:11:51.740000",
            "db": "NVD",
            "id": "CVE-2018-7242"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-1000"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Schneider Electric Vulnerability related to cryptographic strength in products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004279"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "lack of information",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-1000"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201903-0624

    Vulnerability from variot - Updated: 2024-11-23 22:30

    Reflected Cross-Site Scripting (nonpersistent) allows an attacker to craft a specific URL, which contains Java script that will be executed on the Schneider Electric Modicon BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, or BMXP342030H PLC client browser. plural Schneider Electric Modicon The product contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. Modicon PLC is a programmable controller product for the dam, energy, food agriculture and other industries. Multiple Schneider Electric Modicon M340 PLC products are prone to an unspecified cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. Schneider Electric Modicon PLC BMXNOC0401 etc. are programmable controllers of French Schneider Electric (Schneider Electric). The following products are affected: Schneider Electric Modicon PLC BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, BMXP3420303030

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201903-0624",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "modicon m340 bmxp3420302h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342030h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnoe0100",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnoe0110",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnoc0401",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnoe0110h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnor0200h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420302",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342030",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342020h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342020",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnoc0401",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnoe0100",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnoe0110",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnoe0110h",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnor0200h",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxp342020",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxp342020h",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxp342030",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxp3420302",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxp3420302h",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "electric modicon plc",
            "scope": null,
            "trust": 0.6,
            "vendor": "schneider",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342030h",
            "scope": null,
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420302h",
            "scope": null,
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420302",
            "scope": null,
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342030",
            "scope": null,
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342020h",
            "scope": null,
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342020",
            "scope": null,
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxnor0200h",
            "scope": null,
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxnoe0110h",
            "scope": null,
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxnoe0110",
            "scope": null,
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxnoe0100",
            "scope": null,
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxnoc0401",
            "scope": null,
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxnoc0401",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp3420302h",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp342030h",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxnoe0100",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxnoe0110",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxnoe0110h",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxnor0200h",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp342020",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp342020h",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp342030",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp3420302",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "7c549830-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-05939"
          },
          {
            "db": "BID",
            "id": "76613"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-008241"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-6462"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:bmxnoc0401_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:bmxnoe0100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:bmxnoe0110_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:bmxnoe0110h_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:bmxnor0200h_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:bmxp342020_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:bmxp342020h_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:bmxp342030_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:bmxp3420302_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:bmxp3420302h_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-008241"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Aditya K. Sood and Juan Francisco Bolivar",
        "sources": [
          {
            "db": "BID",
            "id": "76613"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201509-443"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2015-6462",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "CVE-2015-6462",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.8,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 3.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.1,
                "id": "CNVD-2015-05939",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "SINGLE",
                "author": "IVD",
                "availabilityImpact": "NONE",
                "baseScore": 3.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.1,
                "id": "7c549830-2351-11e6-abef-000c29c66e3d",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.2,
                "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:N",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "VHN-84423",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:S/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.3,
                "id": "CVE-2015-6462",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "trust": 1.8,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2015-6462",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2015-6462",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2015-05939",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201509-443",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "7c549830-2351-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-84423",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "7c549830-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-05939"
          },
          {
            "db": "VULHUB",
            "id": "VHN-84423"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-008241"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201509-443"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-6462"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Reflected Cross-Site Scripting (nonpersistent) allows an attacker to craft a specific URL, which contains Java script that will be executed on the Schneider Electric Modicon BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, or BMXP342030H PLC client browser. plural Schneider Electric Modicon The product contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. Modicon PLC is a programmable controller product for the dam, energy, food agriculture and other industries. Multiple Schneider Electric Modicon M340 PLC products are prone to an unspecified cross-site scripting vulnerability because it fails to sanitize user-supplied input. \nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. Schneider Electric Modicon PLC BMXNOC0401 etc. are programmable controllers of French Schneider Electric (Schneider Electric). The following products are affected: Schneider Electric Modicon PLC BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, BMXP3420303030",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2015-6462"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-008241"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-05939"
          },
          {
            "db": "BID",
            "id": "76613"
          },
          {
            "db": "IVD",
            "id": "7c549830-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "VULHUB",
            "id": "VHN-84423"
          }
        ],
        "trust": 2.7
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2015-6462",
            "trust": 3.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-15-246-02",
            "trust": 3.4
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201509-443",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-05939",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-008241",
            "trust": 0.8
          },
          {
            "db": "SCHNEIDER",
            "id": "SEVD-2015-233-01",
            "trust": 0.6
          },
          {
            "db": "BID",
            "id": "76613",
            "trust": 0.4
          },
          {
            "db": "IVD",
            "id": "7C549830-2351-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-84423",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "7c549830-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-05939"
          },
          {
            "db": "VULHUB",
            "id": "VHN-84423"
          },
          {
            "db": "BID",
            "id": "76613"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-008241"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201509-443"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-6462"
          }
        ]
      },
      "id": "VAR-201903-0624",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "7c549830-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-05939"
          },
          {
            "db": "VULHUB",
            "id": "VHN-84423"
          }
        ],
        "trust": 1.73333335
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "7c549830-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-05939"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:30:07.838000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "\u30c8\u30c3\u30d7\u30da\u30fc\u30b8",
            "trust": 0.8,
            "url": "https://www.se.com/jp/ja/"
          },
          {
            "title": "Patch for Schneider Electric Modicon PLC Cross-Site Scripting Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/63775"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2015-05939"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-008241"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-84423"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-008241"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-6462"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.4,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-15-246-02"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-6462"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6462"
          },
          {
            "trust": 0.6,
            "url": "http://download.schneider-electric.com/files?p_file_id=1039693246\u0026amp;p_file_name=sevd-2015-233-01.pdf"
          },
          {
            "trust": 0.3,
            "url": "http://www.schneider-electric.com/en/product-range/1468-modicon-m340/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2015-05939"
          },
          {
            "db": "VULHUB",
            "id": "VHN-84423"
          },
          {
            "db": "BID",
            "id": "76613"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-008241"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201509-443"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-6462"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "7c549830-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-05939"
          },
          {
            "db": "VULHUB",
            "id": "VHN-84423"
          },
          {
            "db": "BID",
            "id": "76613"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-008241"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201509-443"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-6462"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2015-09-11T00:00:00",
            "db": "IVD",
            "id": "7c549830-2351-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2015-09-11T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2015-05939"
          },
          {
            "date": "2019-03-21T00:00:00",
            "db": "VULHUB",
            "id": "VHN-84423"
          },
          {
            "date": "2015-09-03T00:00:00",
            "db": "BID",
            "id": "76613"
          },
          {
            "date": "2019-05-07T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2015-008241"
          },
          {
            "date": "2015-09-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201509-443"
          },
          {
            "date": "2019-03-21T19:29:00.317000",
            "db": "NVD",
            "id": "CVE-2015-6462"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2015-09-11T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2015-05939"
          },
          {
            "date": "2019-10-09T00:00:00",
            "db": "VULHUB",
            "id": "VHN-84423"
          },
          {
            "date": "2015-09-03T00:00:00",
            "db": "BID",
            "id": "76613"
          },
          {
            "date": "2019-05-07T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2015-008241"
          },
          {
            "date": "2019-10-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201509-443"
          },
          {
            "date": "2024-11-21T02:35:00.833000",
            "db": "NVD",
            "id": "CVE-2015-6462"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201509-443"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Schneider Electric Modicon PLC Cross-Site Scripting Vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "7c549830-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-05939"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XSS",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201509-443"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201903-0642

    Vulnerability from variot - Updated: 2024-11-23 22:30

    Remote file inclusion allows an attacker to craft a specific URL referencing the Schneider Electric Modicon BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, or BMXP342030H PLC web server, which, when launched, will result in the browser redirecting to a remote file via a Java script loaded with the web page. plural Schneider Electric Modicon The product contains an input validation vulnerability.Information may be obtained and information may be altered. Modicon PLC is a programmable controller product for the dam, energy, food agriculture and other industries. Schneider Electric Modicon M340 PLC is a medium-sized PLC platform for industrial processes and architectures. There are several security holes in the Modicon M340 PLC Station P34 module. Exploitation of these vulnerabilities could allow remote attackers to obtain sensitive information or execute arbitrary code on a web server, bypass authentication mechanisms, and access vulnerable devices

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201903-0642",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "modicon m340 bmxp3420302h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342030h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnoe0100",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnoe0110",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnoc0401",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnoe0110h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnor0200h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420302",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342030",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342020h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342020",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnoc0401",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnoe0100",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnoe0110",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnoe0110h",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnor0200h",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxp342020",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxp342020h",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxp342030",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxp3420302",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxp3420302h",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "electric modicon plc",
            "scope": null,
            "trust": 0.6,
            "vendor": "schneider",
            "version": null
          },
          {
            "model": "electric modicon m340 plc station p34 module",
            "scope": null,
            "trust": 0.6,
            "vendor": "schneider",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "bmxnoc0401",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "bmxp3420302h",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "bmxp342030h",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "bmxnoe0100",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "bmxnoe0110",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "bmxnoe0110h",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "bmxnor0200h",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "bmxp342020",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "bmxp342020h",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "bmxp342030",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "bmxp3420302",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "0aca935a-1e69-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "7c567132-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-05940"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-05740"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-008242"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-6461"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:bmxnoc0401_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:bmxnoe0100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:bmxnoe0110_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:bmxnoe0110h_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:bmxnor0200h_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:bmxp342020_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:bmxp342020h_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:bmxp342030_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:bmxp3420302_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:bmxp3420302h_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-008242"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Aditya K. Sood",
        "sources": [
          {
            "db": "BID",
            "id": "76327"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201508-386"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2015-6461",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CVE-2015-6461",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 3.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.1,
                "id": "CNVD-2015-05940",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2015-05740",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "0aca935a-1e69-11e6-abef-000c29c66e3d",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "SINGLE",
                "author": "IVD",
                "availabilityImpact": "NONE",
                "baseScore": 3.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.1,
                "id": "7c567132-2351-11e6-abef-000c29c66e3d",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.2,
                "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:N",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "VHN-84422",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:S/C:P/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.8,
                "id": "CVE-2015-6461",
                "impactScore": 2.5,
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2015-6461",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2015-6461",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2015-05940",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2015-05740",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201508-386",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "0aca935a-1e69-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "7c567132-2351-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-84422",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "0aca935a-1e69-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "7c567132-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-05940"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-05740"
          },
          {
            "db": "VULHUB",
            "id": "VHN-84422"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-008242"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201508-386"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-6461"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Remote file inclusion allows an attacker to craft a specific URL referencing the Schneider Electric Modicon BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, or BMXP342030H PLC web server, which, when launched, will result in the browser redirecting to a remote file via a Java script loaded with the web page. plural Schneider Electric Modicon The product contains an input validation vulnerability.Information may be obtained and information may be altered. Modicon PLC is a programmable controller product for the dam, energy, food agriculture and other industries. Schneider Electric Modicon M340 PLC is a medium-sized PLC platform for industrial processes and architectures. There are several security holes in the Modicon M340 PLC Station P34 module. Exploitation of these vulnerabilities could allow remote attackers to obtain sensitive information or execute arbitrary code on a web server, bypass authentication mechanisms, and access vulnerable devices",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2015-6461"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-008242"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-05940"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-05740"
          },
          {
            "db": "BID",
            "id": "76327"
          },
          {
            "db": "IVD",
            "id": "0aca935a-1e69-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "7c567132-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "VULHUB",
            "id": "VHN-84422"
          }
        ],
        "trust": 3.42
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2015-6461",
            "trust": 3.8
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-15-246-02",
            "trust": 3.1
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201508-386",
            "trust": 1.1
          },
          {
            "db": "BID",
            "id": "76327",
            "trust": 1.0
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-05740",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-05940",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-008242",
            "trust": 0.8
          },
          {
            "db": "SCHNEIDER",
            "id": "SEVD-2015-233-01",
            "trust": 0.6
          },
          {
            "db": "IVD",
            "id": "0ACA935A-1E69-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          },
          {
            "db": "IVD",
            "id": "7C567132-2351-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-84422",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "0aca935a-1e69-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "7c567132-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-05940"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-05740"
          },
          {
            "db": "VULHUB",
            "id": "VHN-84422"
          },
          {
            "db": "BID",
            "id": "76327"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-008242"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201508-386"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-6461"
          }
        ]
      },
      "id": "VAR-201903-0642",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "0aca935a-1e69-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "7c567132-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-05940"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-05740"
          },
          {
            "db": "VULHUB",
            "id": "VHN-84422"
          }
        ],
        "trust": 2.7
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 1.6
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "0aca935a-1e69-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "7c567132-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-05940"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-05740"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:30:07.790000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "\u30c8\u30c3\u30d7\u30da\u30fc\u30b8",
            "trust": 0.8,
            "url": "https://www.se.com/jp/ja/"
          },
          {
            "title": "Schneider Electric Modicon PLC file contains patches for vulnerabilities",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/63776"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2015-05940"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-008242"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-20",
            "trust": 1.9
          },
          {
            "problemtype": "CWE-98",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-84422"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-008242"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-6461"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-15-246-02"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-6461"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6461"
          },
          {
            "trust": 0.6,
            "url": "http://download.schneider-electric.com/files?p_file_id=1039693246\u0026amp;p_file_name=sevd-2015-233-01.pdf"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/bid/76327"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2015-05940"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-05740"
          },
          {
            "db": "VULHUB",
            "id": "VHN-84422"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-008242"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201508-386"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-6461"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "0aca935a-1e69-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "7c567132-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-05940"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-05740"
          },
          {
            "db": "VULHUB",
            "id": "VHN-84422"
          },
          {
            "db": "BID",
            "id": "76327"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-008242"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201508-386"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-6461"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2015-09-01T00:00:00",
            "db": "IVD",
            "id": "0aca935a-1e69-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2015-09-11T00:00:00",
            "db": "IVD",
            "id": "7c567132-2351-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2015-09-11T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2015-05940"
          },
          {
            "date": "2015-09-01T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2015-05740"
          },
          {
            "date": "2019-03-21T00:00:00",
            "db": "VULHUB",
            "id": "VHN-84422"
          },
          {
            "date": "2015-08-12T00:00:00",
            "db": "BID",
            "id": "76327"
          },
          {
            "date": "2019-05-07T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2015-008242"
          },
          {
            "date": "2015-08-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201508-386"
          },
          {
            "date": "2019-03-21T19:29:00.267000",
            "db": "NVD",
            "id": "CVE-2015-6461"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2015-09-11T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2015-05940"
          },
          {
            "date": "2015-09-01T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2015-05740"
          },
          {
            "date": "2019-10-09T00:00:00",
            "db": "VULHUB",
            "id": "VHN-84422"
          },
          {
            "date": "2015-11-03T19:30:00",
            "db": "BID",
            "id": "76327"
          },
          {
            "date": "2019-05-07T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2015-008242"
          },
          {
            "date": "2019-10-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201508-386"
          },
          {
            "date": "2024-11-21T02:35:00.673000",
            "db": "NVD",
            "id": "CVE-2015-6461"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201508-386"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Schneider Electric Modicon PLC File contains vulnerabilities",
        "sources": [
          {
            "db": "IVD",
            "id": "7c567132-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-05940"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Input validation error",
        "sources": [
          {
            "db": "IVD",
            "id": "0aca935a-1e69-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "7c567132-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "BID",
            "id": "76327"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201508-386"
          }
        ],
        "trust": 1.3
      }
    }

    VAR-201909-0040

    Vulnerability from variot - Updated: 2024-11-23 22:06

    CWE-284: Improper Access Control vulnerability exists in BMXNOR0200H Ethernet / Serial RTU module (all firmware versions), which could cause the execution of commands by unauthorized users when using IEC 60870-5-104 protocol. BMXNOR0200H Ethernet / Serial RTU The module contains an unauthorized authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Schneider Electric BMXNOR0200H Ethernet/Serial RTU module is an Ethernet serial RTU (remote terminal device) module of Schneider Electric (France Schneider Electric) company.

    Schneider Electric BMXNOR0200H Ethernet/Serial RTU module has access control error vulnerability. The vulnerability stems from network systems or products that do not properly restrict access to resources from unauthorized roles. There is currently no detailed vulnerability details provided

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201909-0040",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "bmxnor0200h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": "*"
          },
          {
            "model": "bmxnor0200h",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "electric schneider electric bmxnor0200h ethernet/serial rtu module",
            "scope": null,
            "trust": 0.6,
            "vendor": "schneider",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-25046"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009444"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-6810"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:bmxnor0200h_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009444"
          }
        ]
      },
      "cve": "CVE-2019-6810",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CVE-2019-6810",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2020-25046",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "VHN-158245",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2019-6810",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2019-6810",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-6810",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-6810",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-25046",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201909-816",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-158245",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2019-6810",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-25046"
          },
          {
            "db": "VULHUB",
            "id": "VHN-158245"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-6810"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009444"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-816"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-6810"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "CWE-284: Improper Access Control vulnerability exists in BMXNOR0200H Ethernet / Serial RTU module (all firmware versions), which could cause the execution of commands by unauthorized users when using IEC 60870-5-104 protocol. BMXNOR0200H Ethernet / Serial RTU The module contains an unauthorized authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Schneider Electric BMXNOR0200H Ethernet/Serial RTU module is an Ethernet serial RTU (remote terminal device) module of Schneider Electric (France Schneider Electric) company. \n\r\n\r\nSchneider Electric BMXNOR0200H Ethernet/Serial RTU module has access control error vulnerability. The vulnerability stems from network systems or products that do not properly restrict access to resources from unauthorized roles. There is currently no detailed vulnerability details provided",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-6810"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009444"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-25046"
          },
          {
            "db": "VULHUB",
            "id": "VHN-158245"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-6810"
          }
        ],
        "trust": 2.34
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-6810",
            "trust": 3.2
          },
          {
            "db": "SCHNEIDER",
            "id": "SEVD-2019-225-03",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009444",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-816",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-25046",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.0526",
            "trust": 0.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-20-044-01",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-158245",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-6810",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-25046"
          },
          {
            "db": "VULHUB",
            "id": "VHN-158245"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-6810"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009444"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-816"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-6810"
          }
        ]
      },
      "id": "VAR-201909-0040",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-25046"
          },
          {
            "db": "VULHUB",
            "id": "VHN-158245"
          }
        ],
        "trust": 1.45
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS",
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-25046"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:06:01.665000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "SEVD-2019-225-03",
            "trust": 0.8,
            "url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-225-03/"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009444"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-284",
            "trust": 1.0
          },
          {
            "problemtype": "NVD-CWE-Other",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-863",
            "trust": 0.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-158245"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009444"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-6810"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.4,
            "url": "https://www.schneider-electric.com/en/download/document/sevd-2019-225-03/"
          },
          {
            "trust": 1.8,
            "url": "https://security.cse.iitk.ac.in/responsible-disclosure"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-6810"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6810"
          },
          {
            "trust": 0.6,
            "url": "https://www.us-cert.gov/ics/advisories/icsa-20-044-01"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.0526/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-25046"
          },
          {
            "db": "VULHUB",
            "id": "VHN-158245"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-6810"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009444"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-816"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-6810"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-25046"
          },
          {
            "db": "VULHUB",
            "id": "VHN-158245"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-6810"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009444"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-816"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-6810"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-25046"
          },
          {
            "date": "2019-09-17T00:00:00",
            "db": "VULHUB",
            "id": "VHN-158245"
          },
          {
            "date": "2019-09-17T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-6810"
          },
          {
            "date": "2019-09-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-009444"
          },
          {
            "date": "2019-09-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201909-816"
          },
          {
            "date": "2019-09-17T20:15:11.860000",
            "db": "NVD",
            "id": "CVE-2019-6810"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-25046"
          },
          {
            "date": "2023-02-13T00:00:00",
            "db": "VULHUB",
            "id": "VHN-158245"
          },
          {
            "date": "2023-02-13T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-6810"
          },
          {
            "date": "2019-09-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-009444"
          },
          {
            "date": "2023-02-14T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201909-816"
          },
          {
            "date": "2024-11-21T04:47:12.243000",
            "db": "NVD",
            "id": "CVE-2019-6810"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-816"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "BMXNOR0200H Ethernet / Serial RTU Incorrect authentication vulnerability in module",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009444"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-816"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201909-0042

    Vulnerability from variot - Updated: 2024-11-23 22:06

    A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in BMXNOR0200H Ethernet / Serial RTU module (all firmware versions) and Modicon M340 controller (all firmware versions), which could cause denial of service when truncated SNMP packets on port 161/UDP are received by the device. BMXNOR0200H Ethernet / Serial RTU module and Modicon M340 controller Contains an exceptional condition check vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Schneider Electric Modicon M340 and BMXNOR0200H Ethernet/Serial RTU module are products of Schneider Electric (France). Schneider Electric Modicon M340 is a mid-range PLC (programmable logic controller) for industrial processes and infrastructure. BMXNOR0200H Ethernet/Serial RTU module is an Ethernet serial RTU (remote terminal device) module.

    Schneider Electric BMXNOR0200H Ethernet/Serial RTU module and Modicon M340 controller have code issue vulnerabilities. The vulnerability stems from the problem of improper design or implementation in the code development process of network systems or products. There is currently no detailed vulnerability details provided

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201909-0042",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "bmxnor0200h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": "*"
          },
          {
            "model": "bmxnor0200h",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "electric schneider electric bmxnor0200h ethernet/serial rtu module",
            "scope": null,
            "trust": 0.6,
            "vendor": "schneider",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-25045"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009446"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-6813"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:bmxnor0200h_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:modicon_m340_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009446"
          }
        ]
      },
      "cve": "CVE-2019-6813",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2019-6813",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2020-25045",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "VHN-158248",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-6813",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.5,
                "baseSeverity": "High",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2019-6813",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-6813",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-6813",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-25045",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201909-819",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-158248",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-25045"
          },
          {
            "db": "VULHUB",
            "id": "VHN-158248"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009446"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-819"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-6813"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in BMXNOR0200H Ethernet / Serial RTU module (all firmware versions) and Modicon M340 controller (all firmware versions), which could cause denial of service when truncated SNMP packets on port 161/UDP are received by the device. BMXNOR0200H Ethernet / Serial RTU module and Modicon M340 controller Contains an exceptional condition check vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Schneider Electric Modicon M340 and BMXNOR0200H Ethernet/Serial RTU module are products of Schneider Electric (France). Schneider Electric Modicon M340 is a mid-range PLC (programmable logic controller) for industrial processes and infrastructure. BMXNOR0200H Ethernet/Serial RTU module is an Ethernet serial RTU (remote terminal device) module. \n\r\n\r\nSchneider Electric BMXNOR0200H Ethernet/Serial RTU module and Modicon M340 controller have code issue vulnerabilities. The vulnerability stems from the problem of improper design or implementation in the code development process of network systems or products. There is currently no detailed vulnerability details provided",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-6813"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009446"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-25045"
          },
          {
            "db": "VULHUB",
            "id": "VHN-158248"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-6813",
            "trust": 3.1
          },
          {
            "db": "SCHNEIDER",
            "id": "SEVD-2019-225-03",
            "trust": 2.3
          },
          {
            "db": "SCHNEIDER",
            "id": "SEVD-2019-225-02",
            "trust": 1.7
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009446",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-25045",
            "trust": 0.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-20-044-01",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.0526",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-819",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-158248",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-25045"
          },
          {
            "db": "VULHUB",
            "id": "VHN-158248"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009446"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-819"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-6813"
          }
        ]
      },
      "id": "VAR-201909-0042",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-25045"
          },
          {
            "db": "VULHUB",
            "id": "VHN-158248"
          }
        ],
        "trust": 1.45
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS",
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-25045"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:06:01.633000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "SEVD-2019-225-02",
            "trust": 0.8,
            "url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-225-02/"
          },
          {
            "title": "SEVD-2019-225-03",
            "trust": 0.8,
            "url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-225-03/"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009446"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-754",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-158248"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009446"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-6813"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.3,
            "url": "https://www.schneider-electric.com/en/download/document/sevd-2019-225-03/"
          },
          {
            "trust": 1.7,
            "url": "https://www.schneider-electric.com/en/download/document/sevd-2019-225-02/"
          },
          {
            "trust": 1.7,
            "url": "https://security.cse.iitk.ac.in/responsible-disclosure"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-6813"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6813"
          },
          {
            "trust": 0.6,
            "url": "https://www.us-cert.gov/ics/advisories/icsa-20-044-01"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.0526/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-25045"
          },
          {
            "db": "VULHUB",
            "id": "VHN-158248"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009446"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-819"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-6813"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-25045"
          },
          {
            "db": "VULHUB",
            "id": "VHN-158248"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009446"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-819"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-6813"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-09-26T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-25045"
          },
          {
            "date": "2019-09-17T00:00:00",
            "db": "VULHUB",
            "id": "VHN-158248"
          },
          {
            "date": "2019-09-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-009446"
          },
          {
            "date": "2019-09-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201909-819"
          },
          {
            "date": "2019-09-17T20:15:12",
            "db": "NVD",
            "id": "CVE-2019-6813"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-25045"
          },
          {
            "date": "2019-10-02T00:00:00",
            "db": "VULHUB",
            "id": "VHN-158248"
          },
          {
            "date": "2019-09-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-009446"
          },
          {
            "date": "2022-03-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201909-819"
          },
          {
            "date": "2024-11-21T04:47:12.570000",
            "db": "NVD",
            "id": "CVE-2019-6813"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-819"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "BMXNOR0200H Ethernet / Serial RTU module and  Modicon M340 controller Vulnerabilities related to exceptional state checking",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009446"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "code problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-819"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201909-0047

    Vulnerability from variot - Updated: 2024-11-23 22:06

    A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in BMXNOR0200H Ethernet / Serial RTU module (all firmware versions), which could cause disconnection of active connections when an unusually high number of IEC 60870- 5-104 packets are received by the module on port 2404/TCP. Schneider Electric BMXNOR0200H Ethernet/Serial RTU module is an Ethernet serial RTU (remote terminal device) module of Schneider Electric (France Schneider Electric) company.

    Schneider Electric BMXNOR0200H Ethernet/Serial RTU module has access control error vulnerability. The vulnerability stems from network systems or products that do not properly restrict access to resources from unauthorized roles. There is currently no detailed vulnerability details provided

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201909-0047",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "bmxnor0200h",
            "scope": null,
            "trust": 1.4,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnor0200h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": "*"
          },
          {
            "model": "electric schneider electric bmxnor0200h ethernet/serial rtu module",
            "scope": null,
            "trust": 0.6,
            "vendor": "schneider",
            "version": null
          },
          {
            "model": "bmxnor0200h",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider electric",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-25044"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009523"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-823"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-6831"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:bmxnor0200h_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009523"
          }
        ]
      },
      "cve": "CVE-2019-6831",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2019-6831",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2020-25044",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "VHN-158266",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-6831",
                "impactScore": 4.0,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.6,
                "baseSeverity": "High",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2019-6831",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-6831",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-6831",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-25044",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201909-823",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-158266",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2019-6831",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-25044"
          },
          {
            "db": "VULHUB",
            "id": "VHN-158266"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-6831"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009523"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-823"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-6831"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in BMXNOR0200H Ethernet / Serial RTU module (all firmware versions), which could cause disconnection of active connections when an unusually high number of IEC 60870- 5-104 packets are received by the module on port 2404/TCP. Schneider Electric BMXNOR0200H Ethernet/Serial RTU module is an Ethernet serial RTU (remote terminal device) module of Schneider Electric (France Schneider Electric) company. \n\r\n\r\nSchneider Electric BMXNOR0200H Ethernet/Serial RTU module has access control error vulnerability. The vulnerability stems from network systems or products that do not properly restrict access to resources from unauthorized roles. There is currently no detailed vulnerability details provided",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-6831"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009523"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-25044"
          },
          {
            "db": "VULHUB",
            "id": "VHN-158266"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-6831"
          }
        ],
        "trust": 2.34
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-6831",
            "trust": 3.2
          },
          {
            "db": "SCHNEIDER",
            "id": "SEVD-2019-225-03",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009523",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-823",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-25044",
            "trust": 0.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-20-044-01",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.0526",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-158266",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-6831",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-25044"
          },
          {
            "db": "VULHUB",
            "id": "VHN-158266"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-6831"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009523"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-823"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-6831"
          }
        ]
      },
      "id": "VAR-201909-0047",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-25044"
          },
          {
            "db": "VULHUB",
            "id": "VHN-158266"
          }
        ],
        "trust": 1.45
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS",
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-25044"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:06:01.598000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "SEVD-2019-225-03",
            "trust": 0.8,
            "url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-225-03/"
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/Live-Hack-CVE/CVE-2019-6831 "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2019-6831"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009523"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-754",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-158266"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009523"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-6831"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.4,
            "url": "https://www.schneider-electric.com/en/download/document/sevd-2019-225-03/"
          },
          {
            "trust": 1.8,
            "url": "https://security.cse.iitk.ac.in/responsible-disclosure"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-6831"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6831"
          },
          {
            "trust": 0.6,
            "url": "https://www.us-cert.gov/ics/advisories/icsa-20-044-01"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.0526/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/754.html"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/live-hack-cve/cve-2019-6831"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-25044"
          },
          {
            "db": "VULHUB",
            "id": "VHN-158266"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-6831"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009523"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-823"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-6831"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-25044"
          },
          {
            "db": "VULHUB",
            "id": "VHN-158266"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-6831"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009523"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-823"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-6831"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-25044"
          },
          {
            "date": "2019-09-17T00:00:00",
            "db": "VULHUB",
            "id": "VHN-158266"
          },
          {
            "date": "2019-09-17T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-6831"
          },
          {
            "date": "2019-09-24T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-009523"
          },
          {
            "date": "2019-09-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201909-823"
          },
          {
            "date": "2019-09-17T20:15:12.343000",
            "db": "NVD",
            "id": "CVE-2019-6831"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-25044"
          },
          {
            "date": "2019-10-02T00:00:00",
            "db": "VULHUB",
            "id": "VHN-158266"
          },
          {
            "date": "2022-09-03T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-6831"
          },
          {
            "date": "2019-09-24T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-009523"
          },
          {
            "date": "2020-02-25T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201909-823"
          },
          {
            "date": "2024-11-21T04:47:14.383000",
            "db": "NVD",
            "id": "CVE-2019-6831"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-823"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "BMXNOR0200H Ethernet / Serial RTU Vulnerability in module checking for exceptional conditions",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009523"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "code problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-823"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201804-1338

    Vulnerability from variot - Updated: 2024-11-23 21:39

    A vulnerability exists in the web services to process SOAP requests in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow result in a buffer overflow. plural Schneider Electric The product contains a buffer error vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Schneider Electric Modicon M340 and others are programmable logic controller products from Schneider Electric, France. An attacker could exploit the vulnerability to cause a denial of service (crash)

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201804-1338",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "bmxnor0200",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57554m",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxh5724m",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp574634mc",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxh5744mc",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp575634mc",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57454mc",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57554mc",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnor0200h",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp576634mc",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57154m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57254mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342000",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57204mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57254m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp575634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu31110",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65160",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57104mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp341000h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65860c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57454m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp573634mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp571634mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp573634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57104m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57304m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57304mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65260",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65150c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57354m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65160s",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65160c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxh5744m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57154mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342020h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp571634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420302h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65260c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65860",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420302cl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu43412uc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu43412u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp574634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420302",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxh5724mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp341000",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342020",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp572634mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420102cl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57204m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp572634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420102",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu31110c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57354mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp576634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu31110",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnor0200",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxp341000",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxh5724m",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57104m",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "electric modicon premium",
            "scope": null,
            "trust": 0.6,
            "vendor": "schneider",
            "version": null
          },
          {
            "model": "electric modicon m340",
            "scope": null,
            "trust": 0.6,
            "vendor": "schneider",
            "version": null
          },
          {
            "model": "electric modicon quantum plc",
            "scope": null,
            "trust": 0.6,
            "vendor": "schneider",
            "version": null
          },
          {
            "model": "electric bmxnor0200",
            "scope": null,
            "trust": 0.6,
            "vendor": "schneider",
            "version": null
          },
          {
            "model": "electric modicon premium",
            "scope": "eq",
            "trust": 0.2,
            "vendor": "schneider",
            "version": "*"
          },
          {
            "model": "electric modicon m340 no",
            "scope": "eq",
            "trust": 0.2,
            "vendor": "schneider",
            "version": "*"
          },
          {
            "model": "electric modicon quantum plc",
            "scope": "eq",
            "trust": 0.2,
            "vendor": "schneider",
            "version": "*"
          },
          {
            "model": "electric bmxnor0200",
            "scope": "eq",
            "trust": 0.2,
            "vendor": "schneider",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2f293cf-39ab-11e9-a773-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-11262"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004492"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-822"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7762"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:140cpu31110_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:bmxnor0200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:bmxp341000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:tsxh5724m_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:tsxp57104m_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004492"
          }
        ]
      },
      "cve": "CVE-2018-7762",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2018-7762",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2018-11262",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "e2f293cf-39ab-11e9-a773-000c29342cb1",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "VHN-137794",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2018-7762",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-7762",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2018-7762",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2018-11262",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201804-822",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "e2f293cf-39ab-11e9-a773-000c29342cb1",
                "trust": 0.2,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-137794",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2f293cf-39ab-11e9-a773-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-11262"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137794"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004492"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-822"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7762"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability exists in the web services to process SOAP requests in Schneider Electric\u0027s Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow result in a buffer overflow. plural Schneider Electric The product contains a buffer error vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Schneider Electric Modicon M340 and others are programmable logic controller products from Schneider Electric, France. An attacker could exploit the vulnerability to cause a denial of service (crash)",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-7762"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004492"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-11262"
          },
          {
            "db": "IVD",
            "id": "e2f293cf-39ab-11e9-a773-000c29342cb1"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137794"
          }
        ],
        "trust": 2.43
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-7762",
            "trust": 3.3
          },
          {
            "db": "SCHNEIDER",
            "id": "SEVD-2018-081-02",
            "trust": 2.3
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-11262",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-822",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004492",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "E2F293CF-39AB-11E9-A773-000C29342CB1",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-137794",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2f293cf-39ab-11e9-a773-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-11262"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137794"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004492"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-822"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7762"
          }
        ]
      },
      "id": "VAR-201804-1338",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "e2f293cf-39ab-11e9-a773-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-11262"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137794"
          }
        ],
        "trust": 1.79242425
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2f293cf-39ab-11e9-a773-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-11262"
          }
        ]
      },
      "last_update_date": "2024-11-23T21:39:00.405000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "SEVD-2018-081-02",
            "trust": 0.8,
            "url": "https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet\u0026p_File_Name=SEVD-2018-081-02+Modicon.pdf\u0026p_Doc_Ref=SEVD-2018-081-02"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004492"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-137794"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004492"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7762"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.3,
            "url": "https://www.schneider-electric.com/en/download/document/sevd-2018-081-02/"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7762"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-7762"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-11262"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137794"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004492"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-822"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7762"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "e2f293cf-39ab-11e9-a773-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-11262"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137794"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004492"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-822"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7762"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-06-12T00:00:00",
            "db": "IVD",
            "id": "e2f293cf-39ab-11e9-a773-000c29342cb1"
          },
          {
            "date": "2018-06-12T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-11262"
          },
          {
            "date": "2018-04-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-137794"
          },
          {
            "date": "2018-06-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-004492"
          },
          {
            "date": "2018-04-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201804-822"
          },
          {
            "date": "2018-04-18T20:29:00.857000",
            "db": "NVD",
            "id": "CVE-2018-7762"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-06-12T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-11262"
          },
          {
            "date": "2018-05-24T00:00:00",
            "db": "VULHUB",
            "id": "VHN-137794"
          },
          {
            "date": "2018-06-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-004492"
          },
          {
            "date": "2018-05-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201804-822"
          },
          {
            "date": "2024-11-21T04:12:41.390000",
            "db": "NVD",
            "id": "CVE-2018-7762"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-822"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Schneider Electric Product buffer error vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004492"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer overflow",
        "sources": [
          {
            "db": "IVD",
            "id": "e2f293cf-39ab-11e9-a773-000c29342cb1"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-822"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201804-1337

    Vulnerability from variot - Updated: 2024-11-23 21:39

    A vulnerability exists in the HTTP request parser in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow arbitrary code execution. plural Schneider Electric The product contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Schneider Electric Modicon M340 and others are programmable logic controller products from Schneider Electric, France. The HTTP request parser is one of the HTTP request parsers. A remote attacker can exploit this vulnerability to execute arbitrary code

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201804-1337",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "140cpu65860",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu31110c",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65160s",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65260",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65160",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu43412uc",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65150c",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65860c",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65160c",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57154m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57254mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342000",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57204mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57254m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57454mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp575634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57554m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu31110",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57554mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57104mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp575634mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp574634mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp341000h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57454m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp573634mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp571634mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp573634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57104m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxh5744mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57304m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57304mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57354m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxh5744m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57154mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp576634mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342020h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp571634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420302h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65260c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420302cl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnor0200",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnor0200h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu43412u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp574634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420302",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxh5724mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp341000",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342020",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp572634mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420102cl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57204m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp572634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420102",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57354mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp576634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxh5724m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu31110",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnor0200",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxp341000",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxh5724m",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57104m",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "electric modicon premium",
            "scope": null,
            "trust": 0.6,
            "vendor": "schneider",
            "version": null
          },
          {
            "model": "electric modicon m340",
            "scope": null,
            "trust": 0.6,
            "vendor": "schneider",
            "version": null
          },
          {
            "model": "electric modicon quantum plc",
            "scope": null,
            "trust": 0.6,
            "vendor": "schneider",
            "version": null
          },
          {
            "model": "electric bmxnor0200",
            "scope": null,
            "trust": 0.6,
            "vendor": "schneider",
            "version": null
          },
          {
            "model": "bmxp341000",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "140cpu65160c",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "tsxh5724m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "tsxh5744mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxnor0200",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu65150c",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu31110c",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu43412uc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu65260c",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu65860c",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp341000",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp342000",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp3420102",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxnor0200h",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp3420102cl",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp342020",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp3420302",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp3420302cl",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp3420302h",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp342020h",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp341000h",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxh5744m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57104m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu65150",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57154m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp571634m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57204m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57254m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp572634m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57304m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57354m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp573634m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57454m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp574634m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu31110",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp575634m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp576634m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxh5724mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57104mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57154mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp571634mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57204mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57254mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp572634mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu43412u",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57304mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57354mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp573634mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57454mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp574634mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57554mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp575634mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp576634mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu65160",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57554m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu65260",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu65860",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu65160s",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2f26cc0-39ab-11e9-b2f8-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-11261"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004491"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-823"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7761"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:140cpu31110_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:bmxnor0200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:bmxp341000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:tsxh5724m_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:tsxp57104m_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004491"
          }
        ]
      },
      "cve": "CVE-2018-7761",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2018-7761",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2018-11261",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "e2f26cc0-39ab-11e9-b2f8-000c29342cb1",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-137793",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2018-7761",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-7761",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2018-7761",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2018-11261",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201804-823",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "e2f26cc0-39ab-11e9-b2f8-000c29342cb1",
                "trust": 0.2,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-137793",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2f26cc0-39ab-11e9-b2f8-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-11261"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137793"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004491"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-823"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7761"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability exists in the HTTP request parser in Schneider Electric\u0027s Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow arbitrary code execution. plural Schneider Electric The product contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Schneider Electric Modicon M340 and others are programmable logic controller products from Schneider Electric, France. The HTTP request parser is one of the HTTP request parsers. A remote attacker can exploit this vulnerability to execute arbitrary code",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-7761"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004491"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-11261"
          },
          {
            "db": "IVD",
            "id": "e2f26cc0-39ab-11e9-b2f8-000c29342cb1"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137793"
          }
        ],
        "trust": 2.43
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-7761",
            "trust": 3.3
          },
          {
            "db": "SCHNEIDER",
            "id": "SEVD-2018-081-02",
            "trust": 2.3
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-823",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-11261",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004491",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "E2F26CC0-39AB-11E9-B2F8-000C29342CB1",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-137793",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2f26cc0-39ab-11e9-b2f8-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-11261"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137793"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004491"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-823"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7761"
          }
        ]
      },
      "id": "VAR-201804-1337",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "e2f26cc0-39ab-11e9-b2f8-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-11261"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137793"
          }
        ],
        "trust": 1.79242425
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2f26cc0-39ab-11e9-b2f8-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-11261"
          }
        ]
      },
      "last_update_date": "2024-11-23T21:39:00.367000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "SEVD-2018-081-02",
            "trust": 0.8,
            "url": "https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet\u0026p_File_Name=SEVD-2018-081-02+Modicon.pdf\u0026p_Doc_Ref=SEVD-2018-081-02"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004491"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-20",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-137793"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004491"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7761"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.3,
            "url": "https://www.schneider-electric.com/en/download/document/sevd-2018-081-02/"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7761"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-7761"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-11261"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137793"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004491"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-823"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7761"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "e2f26cc0-39ab-11e9-b2f8-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-11261"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137793"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004491"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-823"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7761"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-06-12T00:00:00",
            "db": "IVD",
            "id": "e2f26cc0-39ab-11e9-b2f8-000c29342cb1"
          },
          {
            "date": "2018-06-12T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-11261"
          },
          {
            "date": "2018-04-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-137793"
          },
          {
            "date": "2018-06-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-004491"
          },
          {
            "date": "2018-04-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201804-823"
          },
          {
            "date": "2018-04-18T20:29:00.793000",
            "db": "NVD",
            "id": "CVE-2018-7761"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-06-12T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-11261"
          },
          {
            "date": "2018-05-24T00:00:00",
            "db": "VULHUB",
            "id": "VHN-137793"
          },
          {
            "date": "2018-06-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-004491"
          },
          {
            "date": "2018-05-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201804-823"
          },
          {
            "date": "2024-11-21T04:12:41.250000",
            "db": "NVD",
            "id": "CVE-2018-7761"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-823"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Schneider Electric Vulnerability related to input validation in products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004491"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Input validation",
        "sources": [
          {
            "db": "IVD",
            "id": "e2f26cc0-39ab-11e9-b2f8-000c29342cb1"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-823"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201804-1336

    Vulnerability from variot - Updated: 2024-11-23 21:39

    An authorization bypass vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. Requests to CGI functions allow malicious users to bypass authorization. plural Schneider Electric The product contains authentication vulnerabilities.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Schneider Electric Modicon M340 and others are programmable logic controller products from Schneider Electric, France. Security vulnerabilities exist in several Schneider Electric products. A remote attacker could exploit the vulnerability to execute arbitrary code by sending a specially crafted request

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201804-1336",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "bmxnor0200",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57554m",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxh5724m",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65260",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxh5744mc",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65150",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu31110",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65160",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu43412u",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnor0200h",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57154m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57254mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342000",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57204mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57254m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57454mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp575634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57554mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57104mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp575634mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp574634mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp341000h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65860c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57454m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp573634mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp571634mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp573634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57104m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57304m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57304mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65150c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57354m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65160s",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65160c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxh5744m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57154mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp576634mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342020h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp571634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420302h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65260c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65860",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420302cl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu43412uc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp574634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420302",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxh5724mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp341000",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342020",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp572634mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420102cl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57204m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp572634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420102",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu31110c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57354mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp576634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu31110",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnor0200",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxp341000",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxh5724m",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57104m",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "electric modicon premium",
            "scope": null,
            "trust": 0.6,
            "vendor": "schneider",
            "version": null
          },
          {
            "model": "electric modicon m340",
            "scope": null,
            "trust": 0.6,
            "vendor": "schneider",
            "version": null
          },
          {
            "model": "electric modicon quantum plc",
            "scope": null,
            "trust": 0.6,
            "vendor": "schneider",
            "version": null
          },
          {
            "model": "electric bmxnor0200",
            "scope": null,
            "trust": 0.6,
            "vendor": "schneider",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "140cpu65160c",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "tsxh5724m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "tsxh5744mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxnor0200",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu65150c",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu31110c",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu43412uc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu65260c",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu65860c",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp341000",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp342000",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp3420102",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxnor0200h",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp3420102cl",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp342020",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp3420302",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp3420302cl",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp3420302h",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp342020h",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "bmxp341000h",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxh5744m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57104m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu65150",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57154m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp571634m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57204m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57254m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp572634m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57304m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57354m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp573634m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57454m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp574634m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu31110",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp575634m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp576634m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxh5724mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57104mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57154mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp571634mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57204mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57254mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp572634mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu43412u",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57304mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57354mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp573634mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57454mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp574634mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57554mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp575634mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp576634mc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu65160",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "tsxp57554m",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu65260",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu65860",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "140cpu65160s",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2f245ae-39ab-11e9-8d5a-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-11259"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004490"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-824"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7760"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:140cpu31110_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:bmxnor0200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:bmxp341000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:tsxh5724m_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:tsxp57104m_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004490"
          }
        ]
      },
      "cve": "CVE-2018-7760",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2018-7760",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2018-11259",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "e2f245ae-39ab-11e9-8d5a-000c29342cb1",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-137792",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2018-7760",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-7760",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2018-7760",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2018-11259",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201804-824",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "e2f245ae-39ab-11e9-8d5a-000c29342cb1",
                "trust": 0.2,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-137792",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2f245ae-39ab-11e9-8d5a-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-11259"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137792"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004490"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-824"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7760"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An authorization bypass vulnerability exists in Schneider Electric\u0027s Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. Requests to CGI functions allow malicious users to bypass authorization. plural Schneider Electric The product contains authentication vulnerabilities.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Schneider Electric Modicon M340 and others are programmable logic controller products from Schneider Electric, France. Security vulnerabilities exist in several Schneider Electric products. A remote attacker could exploit the vulnerability to execute arbitrary code by sending a specially crafted request",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-7760"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004490"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-11259"
          },
          {
            "db": "IVD",
            "id": "e2f245ae-39ab-11e9-8d5a-000c29342cb1"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137792"
          }
        ],
        "trust": 2.43
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-7760",
            "trust": 3.3
          },
          {
            "db": "SCHNEIDER",
            "id": "SEVD-2018-081-02",
            "trust": 2.3
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-11259",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-824",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004490",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "E2F245AE-39AB-11E9-8D5A-000C29342CB1",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-137792",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2f245ae-39ab-11e9-8d5a-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-11259"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137792"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004490"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-824"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7760"
          }
        ]
      },
      "id": "VAR-201804-1336",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "e2f245ae-39ab-11e9-8d5a-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-11259"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137792"
          }
        ],
        "trust": 1.79242425
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2f245ae-39ab-11e9-8d5a-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-11259"
          }
        ]
      },
      "last_update_date": "2024-11-23T21:39:00.330000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "SEVD-2018-081-02",
            "trust": 0.8,
            "url": "https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet\u0026p_File_Name=SEVD-2018-081-02+Modicon.pdf\u0026p_Doc_Ref=SEVD-2018-081-02"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004490"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-287",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-137792"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004490"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7760"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.3,
            "url": "https://www.schneider-electric.com/en/download/document/sevd-2018-081-02/"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7760"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-7760"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-11259"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137792"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004490"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-824"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7760"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "e2f245ae-39ab-11e9-8d5a-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-11259"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137792"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004490"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-824"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7760"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-06-12T00:00:00",
            "db": "IVD",
            "id": "e2f245ae-39ab-11e9-8d5a-000c29342cb1"
          },
          {
            "date": "2018-06-12T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-11259"
          },
          {
            "date": "2018-04-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-137792"
          },
          {
            "date": "2018-06-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-004490"
          },
          {
            "date": "2018-04-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201804-824"
          },
          {
            "date": "2018-04-18T20:29:00.747000",
            "db": "NVD",
            "id": "CVE-2018-7760"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-06-12T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-11259"
          },
          {
            "date": "2018-05-24T00:00:00",
            "db": "VULHUB",
            "id": "VHN-137792"
          },
          {
            "date": "2018-06-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-004490"
          },
          {
            "date": "2018-05-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201804-824"
          },
          {
            "date": "2024-11-21T04:12:41.097000",
            "db": "NVD",
            "id": "CVE-2018-7760"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-824"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Schneider Electric Authentication vulnerabilities in products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004490"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "authorization issue",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-824"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201804-1335

    Vulnerability from variot - Updated: 2024-11-23 21:39

    A buffer overflow vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. The buffer overflow vulnerability is caused by the length of the source string specified (instead of the buffer size) as the number of bytes to be copied. plural Schneider Electric The product contains a buffer error vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Schneider Electric Modicon M340 and others are programmable logic controller products from Schneider Electric, France. A remote attacker could exploit the vulnerability by sending a specially crafted request to cause a denial of service (crash)

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201804-1335",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "140cpu65860",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57554m",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxh5724m",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp574634mc",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65160s",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxh5744mc",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp575634mc",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57454mc",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57554mc",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp576634mc",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57154m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57254mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342000",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57204mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57254m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp575634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu31110",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65160",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57104mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp341000h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65860c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57454m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp573634mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp571634mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp573634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57104m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57304m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57304mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65260",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65150c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57354m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65160c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxh5744m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57154mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342020h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp571634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420302h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65260c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420302cl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnor0200",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnor0200h",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu43412uc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu43412u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp574634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420302",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxh5724mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp341000",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp342020",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp572634mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu65150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420102cl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57204m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp572634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "modicon m340 bmxp3420102",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu31110c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57354mc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp576634m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "140cpu31110",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxnor0200",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "bmxp341000",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxh5724m",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "tsxp57104m",
            "scope": null,
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "electric modicon premium",
            "scope": null,
            "trust": 0.6,
            "vendor": "schneider",
            "version": null
          },
          {
            "model": "electric modicon m340",
            "scope": null,
            "trust": 0.6,
            "vendor": "schneider",
            "version": null
          },
          {
            "model": "electric modicon quantum plc",
            "scope": null,
            "trust": 0.6,
            "vendor": "schneider",
            "version": null
          },
          {
            "model": "electric bmxnor0200",
            "scope": null,
            "trust": 0.6,
            "vendor": "schneider",
            "version": null
          },
          {
            "model": "electric modicon premium",
            "scope": "eq",
            "trust": 0.2,
            "vendor": "schneider",
            "version": "*"
          },
          {
            "model": "electric modicon m340 no",
            "scope": "eq",
            "trust": 0.2,
            "vendor": "schneider",
            "version": "*"
          },
          {
            "model": "electric modicon quantum plc",
            "scope": "eq",
            "trust": 0.2,
            "vendor": "schneider",
            "version": "*"
          },
          {
            "model": "electric bmxnor0200",
            "scope": "eq",
            "trust": 0.2,
            "vendor": "schneider",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2f26cc1-39ab-11e9-af70-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-11260"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004489"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-825"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7759"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:140cpu31110_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:bmxnor0200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:bmxp341000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:tsxh5724m_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:schneider_electric:tsxp57104m_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004489"
          }
        ]
      },
      "cve": "CVE-2018-7759",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2018-7759",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2018-11260",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "e2f26cc1-39ab-11e9-af70-000c29342cb1",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "VHN-137791",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2018-7759",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-7759",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2018-7759",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2018-11260",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201804-825",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "e2f26cc1-39ab-11e9-af70-000c29342cb1",
                "trust": 0.2,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-137791",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2f26cc1-39ab-11e9-af70-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-11260"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137791"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004489"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-825"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7759"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A buffer overflow vulnerability exists in Schneider Electric\u0027s Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. The buffer overflow vulnerability is caused by the length of the source string specified (instead of the buffer size) as the number of bytes to be copied. plural Schneider Electric The product contains a buffer error vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Schneider Electric Modicon M340 and others are programmable logic controller products from Schneider Electric, France. A remote attacker could exploit the vulnerability by sending a specially crafted request to cause a denial of service (crash)",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-7759"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004489"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-11260"
          },
          {
            "db": "IVD",
            "id": "e2f26cc1-39ab-11e9-af70-000c29342cb1"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137791"
          }
        ],
        "trust": 2.43
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-7759",
            "trust": 3.3
          },
          {
            "db": "SCHNEIDER",
            "id": "SEVD-2018-081-02",
            "trust": 2.3
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-825",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-11260",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004489",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "E2F26CC1-39AB-11E9-AF70-000C29342CB1",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-137791",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2f26cc1-39ab-11e9-af70-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-11260"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137791"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004489"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-825"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7759"
          }
        ]
      },
      "id": "VAR-201804-1335",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "e2f26cc1-39ab-11e9-af70-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-11260"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137791"
          }
        ],
        "trust": 1.79242425
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2f26cc1-39ab-11e9-af70-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-11260"
          }
        ]
      },
      "last_update_date": "2024-11-23T21:39:00.294000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "SEVD-2018-081-02",
            "trust": 0.8,
            "url": "https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet\u0026p_File_Name=SEVD-2018-081-02+Modicon.pdf\u0026p_Doc_Ref=SEVD-2018-081-02"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004489"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-137791"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004489"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7759"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.3,
            "url": "https://www.schneider-electric.com/en/download/document/sevd-2018-081-02/"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7759"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-7759"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-11260"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137791"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004489"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-825"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7759"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "e2f26cc1-39ab-11e9-af70-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-11260"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137791"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004489"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-825"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7759"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-06-12T00:00:00",
            "db": "IVD",
            "id": "e2f26cc1-39ab-11e9-af70-000c29342cb1"
          },
          {
            "date": "2018-06-12T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-11260"
          },
          {
            "date": "2018-04-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-137791"
          },
          {
            "date": "2018-06-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-004489"
          },
          {
            "date": "2018-04-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201804-825"
          },
          {
            "date": "2018-04-18T20:29:00.683000",
            "db": "NVD",
            "id": "CVE-2018-7759"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-06-12T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-11260"
          },
          {
            "date": "2018-05-24T00:00:00",
            "db": "VULHUB",
            "id": "VHN-137791"
          },
          {
            "date": "2018-06-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-004489"
          },
          {
            "date": "2018-05-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201804-825"
          },
          {
            "date": "2024-11-21T04:12:40.943000",
            "db": "NVD",
            "id": "CVE-2018-7759"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-825"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Schneider Electric Product buffer error vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-004489"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer overflow",
        "sources": [
          {
            "db": "IVD",
            "id": "e2f26cc1-39ab-11e9-af70-000c29342cb1"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-825"
          }
        ],
        "trust": 0.8
      }
    }

    CVE-2024-12142 (GCVE-0-2024-12142)

    Vulnerability from nvd – Published: 2025-01-17 10:19 – Updated: 2025-02-12 16:51
    VLAI
    Summary
    CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause information disclosure of restricted web page, modification of web page and denial of service when specific web pages are modified and restricted functions are invoked.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-12142",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-17T13:18:13.025284Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-12T16:51:46.673Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Modicon M340 processors (part numbers BMXP34*)",
              "vendor": "Schneider Electric",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "BMXNOE0100",
              "vendor": "Schneider Electric",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "BMXNOE0110",
              "vendor": "Schneider Electric",
              "versions": [
                {
                  "status": "affected",
                  "version": "All Versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "BMXNOR0200H",
              "vendor": "Schneider Electric",
              "versions": [
                {
                  "status": "affected",
                  "version": "Versions prior to SV1.70IR26"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could\ncause information disclosure of restricted web page, modification of web page and denial of\nservice when specific web pages are modified and restricted functions are invoked.\n\n\u003cbr\u003e"
                }
              ],
              "value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could\ncause information disclosure of restricted web page, modification of web page and denial of\nservice when specific web pages are modified and restricted functions are invoked."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-17T10:19:11.768Z",
            "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
            "shortName": "schneider"
          },
          "references": [
            {
              "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-014-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2025-014-05.pdf"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "assignerShortName": "schneider",
        "cveId": "CVE-2024-12142",
        "datePublished": "2025-01-17T10:19:11.768Z",
        "dateReserved": "2024-12-04T11:14:37.294Z",
        "dateUpdated": "2025-02-12T16:51:46.673Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-12142 (GCVE-0-2024-12142)

    Vulnerability from cvelistv5 – Published: 2025-01-17 10:19 – Updated: 2025-02-12 16:51
    VLAI
    Summary
    CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause information disclosure of restricted web page, modification of web page and denial of service when specific web pages are modified and restricted functions are invoked.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-12142",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-17T13:18:13.025284Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-12T16:51:46.673Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Modicon M340 processors (part numbers BMXP34*)",
              "vendor": "Schneider Electric",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "BMXNOE0100",
              "vendor": "Schneider Electric",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "BMXNOE0110",
              "vendor": "Schneider Electric",
              "versions": [
                {
                  "status": "affected",
                  "version": "All Versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "BMXNOR0200H",
              "vendor": "Schneider Electric",
              "versions": [
                {
                  "status": "affected",
                  "version": "Versions prior to SV1.70IR26"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could\ncause information disclosure of restricted web page, modification of web page and denial of\nservice when specific web pages are modified and restricted functions are invoked.\n\n\u003cbr\u003e"
                }
              ],
              "value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could\ncause information disclosure of restricted web page, modification of web page and denial of\nservice when specific web pages are modified and restricted functions are invoked."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-17T10:19:11.768Z",
            "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
            "shortName": "schneider"
          },
          "references": [
            {
              "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-014-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2025-014-05.pdf"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "assignerShortName": "schneider",
        "cveId": "CVE-2024-12142",
        "datePublished": "2025-01-17T10:19:11.768Z",
        "dateReserved": "2024-12-04T11:14:37.294Z",
        "dateUpdated": "2025-02-12T16:51:46.673Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }