Vulnerability Details CVE-2022-37300
A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists that could cause unauthorized access in read and write mode to the controller when communicating over Modbus. Affected Products: EcoStruxure Control Expert Including all Unity Pro versions (former name of EcoStruxure Control Expert) (V15.0 SP1 and prior), EcoStruxure Process Expert, Including all versions of EcoStruxure Hybrid DCS (former name of EcoStruxure Process Expert) (V2021 and prior), Modicon M340 CPU (part numbers BMXP34*) (V3.40 and prior), Modicon M580 CPU (part numbers BMEP* and BMEH*) (V3.20 and prior).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 44.4%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2022-37300
-
cpe:2.3:a:schneider-electric:ecostruxure_control_expert:-
-
cpe:2.3:a:schneider-electric:ecostruxure_control_expert:14.0
-
cpe:2.3:a:schneider-electric:ecostruxure_control_expert:14.1
-
cpe:2.3:a:schneider-electric:ecostruxure_control_expert:15.0
-
cpe:2.3:a:schneider-electric:ecostruxure_process_expert:-
-
cpe:2.3:a:schneider-electric:ecostruxure_process_expert:2020
-
cpe:2.3:a:schneider-electric:ecostruxure_process_expert:2021
-
cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-
-
cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-
-
cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-
-
cpe:2.3:h:schneider-electric:modicon_m340_bmxp342010:-
-
cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-
-
cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020h:-
-
cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-
-
cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302h:-
-
cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030:-
-
cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030h:-
-
cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040:-
-
cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040c:-
-
cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040s:-
-
cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040:-
-
cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040c:-
-
cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040s:-
-
cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040:-
-
cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040c:-
-
cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040s:-
-
cpe:2.3:h:schneider-electric:modicon_m580_bmep581020:-
-
cpe:2.3:h:schneider-electric:modicon_m580_bmep581020h:-
-
cpe:2.3:h:schneider-electric:modicon_m580_bmep582020:-
-
cpe:2.3:h:schneider-electric:modicon_m580_bmep582020h:-
-
cpe:2.3:h:schneider-electric:modicon_m580_bmep582040:-
-
cpe:2.3:h:schneider-electric:modicon_m580_bmep582040h:-
-
cpe:2.3:h:schneider-electric:modicon_m580_bmep583020:-
-
cpe:2.3:h:schneider-electric:modicon_m580_bmep583040:-
-
cpe:2.3:h:schneider-electric:modicon_m580_bmep584020:-
-
cpe:2.3:h:schneider-electric:modicon_m580_bmep584040:-
-
cpe:2.3:h:schneider-electric:modicon_m580_bmep584040s:-
-
cpe:2.3:h:schneider-electric:modicon_m580_bmep585040:-
-
cpe:2.3:h:schneider-electric:modicon_m580_bmep585040c:-
-
cpe:2.3:h:schneider-electric:modicon_m580_bmep586040:-
-
cpe:2.3:h:schneider-electric:modicon_m580_bmep586040c:-
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:2.8
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:3.20
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:3.30
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:3.40
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:2.8
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:3.20
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:3.30
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:3.40
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:2.8
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:3.20
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:3.30
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:3.40
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342010_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342010_firmware:3.40
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:2.8
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:3.30
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:3.40
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020h_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020h_firmware:2.8
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020h_firmware:3.40
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:2.8
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:3.20
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:3.30
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:3.40
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302h_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302h_firmware:2.8
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302h_firmware:3.40
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030_firmware:2.8
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030_firmware:3.40
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030h_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030h_firmware:2.8
-
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030h_firmware:3.40
-
cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040_firmware:3.20
-
cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040c_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040c_firmware:3.20
-
cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040s_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040s_firmware:3.20
-
cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040_firmware:3.20
-
cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040c_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040c_firmware:3.20
-
cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040s_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040s_firmware:3.20
-
cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040_firmware:3.20
-
cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040c_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040c_firmware:3.20
-
cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040s_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040s_firmware:3.20
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep581020_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep581020_firmware:1.0
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep581020_firmware:2.01
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep581020_firmware:2.10
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep581020_firmware:2.13
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep581020_firmware:2.20
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep581020_firmware:2.50
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep581020_firmware:2.70
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep581020_firmware:2.80
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep581020_firmware:2.90
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep581020_firmware:3.20
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep581020h_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep581020h_firmware:3.20
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep582020_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep582020_firmware:1.0
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep582020_firmware:2.01
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep582020_firmware:2.10
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep582020_firmware:2.13
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep582020_firmware:2.20
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep582020_firmware:2.50
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep582020_firmware:2.70
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep582020_firmware:2.80
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep582020_firmware:2.90
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep582020_firmware:3.20
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep582020h_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep582020h_firmware:3.20
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep582040_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep582040_firmware:1.0
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep582040_firmware:2.01
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep582040_firmware:2.10
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep582040_firmware:2.13
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep582040_firmware:2.20
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep582040_firmware:2.50
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep582040_firmware:2.70
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep582040_firmware:2.80
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep582040_firmware:2.90
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep582040_firmware:3.20
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep582040h_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep582040h_firmware:3.20
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep583020_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep583020_firmware:1.0
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep583020_firmware:2.01
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep583020_firmware:2.10
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep583020_firmware:2.13
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep583020_firmware:2.20
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep583020_firmware:2.50
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep583020_firmware:2.70
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep583020_firmware:2.80
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep583020_firmware:2.90
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep583020_firmware:3.20
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep583040_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep583040_firmware:1.0
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep583040_firmware:2.01
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep583040_firmware:2.10
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep583040_firmware:2.13
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep583040_firmware:2.20
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep583040_firmware:2.50
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep583040_firmware:2.70
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep583040_firmware:2.80
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep583040_firmware:2.90
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep583040_firmware:3.20
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep584020_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep584020_firmware:1.0
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep584020_firmware:2.01
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep584020_firmware:2.10
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep584020_firmware:2.13
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep584020_firmware:2.20
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep584020_firmware:2.50
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep584020_firmware:2.70
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep584020_firmware:2.80
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep584020_firmware:2.90
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep584020_firmware:3.20
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep584040_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep584040_firmware:2.10
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep584040_firmware:2.13
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep584040_firmware:2.20
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep584040_firmware:2.30
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep584040_firmware:2.41
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep584040_firmware:2.50
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep584040_firmware:2.60
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep584040_firmware:2.70
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep584040_firmware:2.80
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep584040_firmware:2.90
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep584040_firmware:3.20
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep584040s_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep584040s_firmware:3.20
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep585040_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep585040_firmware:2.10
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep585040_firmware:2.20
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep585040_firmware:2.30
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep585040_firmware:2.41
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep585040_firmware:2.50
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep585040_firmware:2.60
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep585040_firmware:2.70
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep585040_firmware:2.80
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep585040_firmware:2.90
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep585040_firmware:3.20
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep585040c_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep585040c_firmware:3.20
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep586040_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep586040_firmware:2.10
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep586040_firmware:2.20
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep586040_firmware:2.30
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep586040_firmware:2.41
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep586040_firmware:2.50
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep586040_firmware:2.70
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep586040_firmware:2.80
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep586040_firmware:2.90
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep586040_firmware:3.20
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep586040c_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m580_bmep586040c_firmware:3.20