CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Schneider-Electric: >> Modicon M340 Bmxp3420302h Firmware >> 3.60 Security Vulnerabilities

CVE-2022-45789

A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause execution of unauthorized Modbus functions on the controller when hijacking an authenticated Modbus session. Affected Products: EcoStruxure Control Expert (All Versions), EcoStruxure Process Expert (All Versions), Modicon M340 CPU - part numbers BMXP34* (All Versions), Modicon M580 CPU - part numbers BMEP* and BMEH* (All Versions), Modicon M580 CPU Safety - part numbers BMEP58*S and BMEH58*S (All Versions)

CVSS Score

8.1

EPSS Score

0.001

Published

2023-01-31

Page 1

Vulnerabilities

Vulnerable Software

Schneider-Electric: >> Modicon M340 Bmxp3420302h Firmware >> 3.60 Security Vulnerabilities

Products

Pricing

Contact Us