All CISA Advisories

Schneider Electric Modicon M340, MC80, and Momentum Unity M1E

2024-11-21 20:11

1. EXECUTIVE SUMMARY

CVSS v4 9.2
ATTENTION: Exploitable remotely
Vendor: Schneider Electric
Equipment: Modicon M340, MC80, and Momentum Unity M1E
Vulnerabilities: Improper Input Validation, Improper Restriction of Operations within the Bounds of a Memory Buffer

2. RISK EVALUATION

Successful exploitation of these vulnerabilities could allow an attacker to tamper with memory on these devices.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

The following versions of Schneider Electric Modicon M340, MC80, and Momentum Unity M1E are affected:

Modicon M340 CPU (part numbers BMXP34*): Versions prior to SV3.65
Modicon
[…]

This article has been indexed from All CISA Advisories

Read the original article:

Schneider Electric Modicon M340, MC80, and Momentum Unity M1E

← Enhancing Cyber Resilience: Insights from CISA Red Team Assessment of a US Critical Infrastructure Sector Organization

Schneider Electric PowerLogic PM5300 Series →