Vulnerability Details CVE-2021-22787
A CWE-20: Improper Input Validation vulnerability exists that could cause denial of service of the device when an attacker sends a specially crafted HTTP request to the web server of the device. Affected Product: Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions), Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions), Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions), Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions), Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions)
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 61.7%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2021-22787
-
cpe:2.3:h:schneider-electric:140cpu65150:-
-
cpe:2.3:h:schneider-electric:140noc77101:-
-
cpe:2.3:h:schneider-electric:140noc78x00:-
-
cpe:2.3:h:schneider-electric:140noe771x1:-
-
cpe:2.3:h:schneider-electric:bmxnoc0401:-
-
cpe:2.3:h:schneider-electric:bmxnoe0100:-
-
cpe:2.3:h:schneider-electric:bmxnoe0110:-
-
cpe:2.3:h:schneider-electric:bmxnor0200h_rtu:-
-
cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-
-
cpe:2.3:h:schneider-electric:tsxety4103:-
-
cpe:2.3:h:schneider-electric:tsxety5103:-
-
cpe:2.3:h:schneider-electric:tsxp574634:-
-
cpe:2.3:h:schneider-electric:tsxp575634:-
-
cpe:2.3:h:schneider-electric:tsxp576634:-
-
cpe:2.3:o:schneider-electric:140cpu65150_firmware:-
-
cpe:2.3:o:schneider-electric:140cpu65150_firmware:3.52
-
cpe:2.3:o:schneider-electric:140cpu65150_firmware:3.60
-
cpe:2.3:o:schneider-electric:140cpu65150_firmware:6.1
-
cpe:2.3:o:schneider-electric:140noc77101_firmware:-
-
cpe:2.3:o:schneider-electric:140noc77101_firmware:1.08
-
cpe:2.3:o:schneider-electric:140noc78x00_firmware:-
-
cpe:2.3:o:schneider-electric:140noe771x1_firmware:-
-
cpe:2.3:o:schneider-electric:bmxnoc0401_firmware:-
-
cpe:2.3:o:schneider-electric:bmxnoc0401_firmware:2.10
-
cpe:2.3:o:schneider-electric:bmxnoc0401_firmware:2.8
-
cpe:2.3:o:schneider-electric:bmxnoe0100_firmware:-
-
cpe:2.3:o:schneider-electric:bmxnoe0100_firmware:2.2
-
cpe:2.3:o:schneider-electric:bmxnoe0100_firmware:2.3
-
cpe:2.3:o:schneider-electric:bmxnoe0100_firmware:2.5
-
cpe:2.3:o:schneider-electric:bmxnoe0100_firmware:2.6
-
cpe:2.3:o:schneider-electric:bmxnoe0100_firmware:2.7
-
cpe:2.3:o:schneider-electric:bmxnoe0100_firmware:2.8
-
cpe:2.3:o:schneider-electric:bmxnoe0100_firmware:2.9
-
cpe:2.3:o:schneider-electric:bmxnoe0100_firmware:3.00
-
cpe:2.3:o:schneider-electric:bmxnoe0100_firmware:3.1
-
cpe:2.3:o:schneider-electric:bmxnoe0100_firmware:3.2
-
cpe:2.3:o:schneider-electric:bmxnoe0100_firmware:3.3
-
cpe:2.3:o:schneider-electric:bmxnoe0100_firmware:3.4
-
cpe:2.3:o:schneider-electric:bmxnoe0110_firmware:-
-
cpe:2.3:o:schneider-electric:bmxnoe0110_firmware:2.8
-
cpe:2.3:o:schneider-electric:bmxnoe0110_firmware:5.3
-
cpe:2.3:o:schneider-electric:bmxnoe0110_firmware:5.5
-
cpe:2.3:o:schneider-electric:bmxnoe0110_firmware:5.6
-
cpe:2.3:o:schneider-electric:bmxnoe0110_firmware:5.7
-
cpe:2.3:o:schneider-electric:bmxnoe0110_firmware:5.9
-
cpe:2.3:o:schneider-electric:bmxnoe0110_firmware:6.0
-
cpe:2.3:o:schneider-electric:bmxnoe0110_firmware:6.1
-
cpe:2.3:o:schneider-electric:bmxnoe0110_firmware:6.2
-
cpe:2.3:o:schneider-electric:bmxnoe0110_firmware:6.3
-
cpe:2.3:o:schneider-electric:bmxnoe0110_firmware:6.4
-
cpe:2.3:o:schneider-electric:bmxnoe0110_firmware:6.5
-
cpe:2.3:o:schneider-electric:bmxnoe0110_firmware:6.6
-
cpe:2.3:o:schneider-electric:bmxnor0200h_rtu_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:2.8
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:3.30
-
cpe:2.3:o:schneider-electric:tsxety4103_firmware:-
-
cpe:2.3:o:schneider-electric:tsxety4103_firmware:6.2
-
cpe:2.3:o:schneider-electric:tsxety5103_firmware:-
-
cpe:2.3:o:schneider-electric:tsxety5103_firmware:6.4
-
cpe:2.3:o:schneider-electric:tsxp574634_firmware:-
-
cpe:2.3:o:schneider-electric:tsxp574634_firmware:6.1
-
cpe:2.3:o:schneider-electric:tsxp575634_firmware:-
-
cpe:2.3:o:schneider-electric:tsxp575634_firmware:6.1
-
cpe:2.3:o:schneider-electric:tsxp576634_firmware:-
-
cpe:2.3:o:schneider-electric:tsxp576634_firmware:6.1