Vulnerability Details CVE-2023-25620
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that
could cause denial of service of the controller when a malicious project file is loaded onto the
controller by an authenticated user.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 19.7%
CVSS Severity
CVSS v3 Score 6.5
References
Products affected by CVE-2023-25620
-
cpe:2.3:h:schneider-electric:140cpu65:-
-
cpe:2.3:h:schneider-electric:bmeh58s:-
-
cpe:2.3:h:schneider-electric:bmep58s:-
-
cpe:2.3:h:schneider-electric:modicon_m340:-
-
cpe:2.3:h:schneider-electric:modicon_m580:-
-
cpe:2.3:h:schneider-electric:modicon_mc80:-
-
cpe:2.3:h:schneider-electric:modicon_momentum_unity_m1e_processor:-
-
cpe:2.3:h:schneider-electric:tsxp57:-
-
cpe:2.3:o:schneider-electric:140cpu65_firmware:-
-
cpe:2.3:o:schneider-electric:bmeh58s_firmware:*
-
cpe:2.3:o:schneider-electric:bmep58s_firmware:*
-
cpe:2.3:o:schneider-electric:modicon_m340_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m340_firmware:3.01
-
cpe:2.3:o:schneider-electric:modicon_m340_firmware:3.10
-
cpe:2.3:o:schneider-electric:modicon_m340_firmware:3.20
-
cpe:2.3:o:schneider-electric:modicon_m580_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m580_firmware:2.10
-
cpe:2.3:o:schneider-electric:modicon_m580_firmware:2.12
-
cpe:2.3:o:schneider-electric:modicon_m580_firmware:2.30
-
cpe:2.3:o:schneider-electric:modicon_m580_firmware:2.41
-
cpe:2.3:o:schneider-electric:modicon_m580_firmware:2.80
-
cpe:2.3:o:schneider-electric:modicon_m580_firmware:2.90
-
cpe:2.3:o:schneider-electric:modicon_m580_firmware:3.10
-
cpe:2.3:o:schneider-electric:modicon_mc80_firmware:*
-
cpe:2.3:o:schneider-electric:modicon_momentum_unity_m1e_processor_firmware:*
-
cpe:2.3:o:schneider-electric:tsxp57_firmware:-