Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2020-7543 (GCVE-0-2020-7543)
Vulnerability from cvelistv5 – Published: 2020-12-11 00:52 – Updated: 2024-08-04 09:33
VLAI?
EPSS
Summary
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium (see security notifications for affected versions), that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller.
Severity ?
No CVSS data available.
CWE
- CWE-754 - Improper Check for Unusual or Exceptional Conditions
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium (see security notifications for affected versions) |
Affected:
Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium (see security notifications for affected versions)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:33:19.525Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-08/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum \u0026 Modicon Premium (see security notifications for affected versions)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum \u0026 Modicon Premium (see security notifications for affected versions)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum \u0026 Modicon Premium (see security notifications for affected versions), that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "CWE-754: Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-11T00:52:21.000Z",
"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"shortName": "schneider"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-08/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@schneider-electric.com",
"ID": "CVE-2020-7543",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum \u0026 Modicon Premium (see security notifications for affected versions)",
"version": {
"version_data": [
{
"version_value": "Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum \u0026 Modicon Premium (see security notifications for affected versions)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum \u0026 Modicon Premium (see security notifications for affected versions), that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-754: Improper Check for Unusual or Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.se.com/ww/en/download/document/SEVD-2020-343-08/",
"refsource": "CONFIRM",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-08/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"assignerShortName": "schneider",
"cveId": "CVE-2020-7543",
"datePublished": "2020-12-11T00:52:21.000Z",
"dateReserved": "2020-01-21T00:00:00.000Z",
"dateUpdated": "2024-08-04T09:33:19.525Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
GSD-2020-7543
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium (see security notifications for affected versions), that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2020-7543",
"description": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum \u0026 Modicon Premium (see security notifications for affected versions), that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller.",
"id": "GSD-2020-7543"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2020-7543"
],
"details": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum \u0026 Modicon Premium (see security notifications for affected versions), that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller.",
"id": "GSD-2020-7543",
"modified": "2023-12-13T01:21:52.299821Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@schneider-electric.com",
"ID": "CVE-2020-7543",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum \u0026 Modicon Premium (see security notifications for affected versions)",
"version": {
"version_data": [
{
"version_value": "Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum \u0026 Modicon Premium (see security notifications for affected versions)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum \u0026 Modicon Premium (see security notifications for affected versions), that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-754: Improper Check for Unusual or Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.se.com/ww/en/download/document/SEVD-2020-343-08/",
"refsource": "CONFIRM",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-08/"
}
]
}
},
"nvd.nist.gov": {
"cve": {
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584040_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C2208FD-0126-4ECF-97DF-89998EE90A5F",
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC4A1DF2-FF4C-4DBE-BF74-6A4A09E3DECE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AB772761-8859-4AA5-ACAC-4A5859FCE0A9",
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBCCDD6D-35CE-4680-8B0C-86584B1D8958",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep586040_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5B0DB061-8B7F-4FEC-9275-6FFE045DCE81",
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B3C1879-269B-47EB-891B-EF2E90C911D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep585040_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BAA3B4D9-7F47-4813-9784-EB7BF53A32DE",
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5376D9F4-8AFB-4909-A11B-33C54C4220DB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582020_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE7D852A-18A3-4AB8-B6AD-4B9815950CC4",
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "765E4FEE-255E-4C47-824A-5661B84B490B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep581020_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4325AE79-6FDA-47A7-B3A6-C47C5C2C510D",
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2317F260-7AA2-4178-B468-03DF36223E26",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584020_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6149E270-E76E-4011-A488-2571499A6C76",
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47DFEBAC-2F1D-4870-8425-2199BF80B425",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep583040_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6AF74D66-DEF7-4A05-A6FC-15645BA8B8AB",
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583040:-:*:*:*:*:*:*:*",
"matchCriteriaId": "002E7F33-6729-4C35-9DDA-7D8383BD5668",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep583020_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A4810AB-2986-4152-9E48-488959A15361",
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBC38FF1-693E-4899-883C-1B7B80A52F2C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C440362A-7E0E-497C-B275-409E9B57D8A2",
"versionEndExcluding": "3.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B6ACCC66-4075-4EE9-A6BA-01EF7529C568",
"versionEndExcluding": "3.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D150239-27E2-4CBE-A931-5107C15E362F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD031F4E-9F3C-4035-AFB8-B7442F1B2475",
"versionEndExcluding": "3.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98212CF5-BCF4-4A55-B62A-484569687B4E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102cl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1C1D1498-1069-4080-8EB4-3BA6C0DC2CEA",
"versionEndExcluding": "3.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102cl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D30336F0-EDCF-486C-B52E-D0C53BCDFC65",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5481772-5E18-4985-A5E5-F7223B52A90B",
"versionEndExcluding": "3.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A83CF92-F35F-416F-B571-CA5600BF671F",
"versionEndExcluding": "3.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "354968F7-C41B-4C21-8E47-81DC07DF0EA5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302cl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E506AD9-C302-4D41-B971-46DE19AF83FB",
"versionEndExcluding": "3.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302cl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32091F91-9397-4506-8801-C68B9E8B60F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"descriptions": [
{
"lang": "en",
"value": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum \u0026 Modicon Premium (see security notifications for affected versions), that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller."
},
{
"lang": "es",
"value": "Una CWE-754: Se presenta una vulnerabilidad de Comprobaci\u00f3n Inapropiada de Condiciones Inusuales o Excepcionales en Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum \u0026amp; Modicon Premium (consulte las notificaciones de seguridad para las versiones afectadas), que podr\u00eda causar una denegaci\u00f3n de servicio cuando una petici\u00f3n Read Physical Memory especialmente dise\u00f1ada a trav\u00e9s de Modbus es enviada hacia el controlador"
}
],
"id": "CVE-2020-7543",
"lastModified": "2024-04-10T12:28:45.957",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-12-11T01:15:12.580",
"references": [
{
"source": "cybersecurity@se.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-08/"
}
],
"sourceIdentifier": "cybersecurity@se.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-754"
}
],
"source": "cybersecurity@se.com",
"type": "Primary"
}
]
}
}
}
}
CERTFR-2020-AVI-801
Vulnerability from certfr_avis - Published: 2020-12-08 - Updated: 2020-12-08
De multiples vulnérabilités ont été découvertes dans les produits Schneider. Elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
- EcoStruxure™ Control Expert
- Unity Pro (former name of EcoStruxure™ Control Expert)
- EcoStruxure Geo SCADA Expert 2019 versions antérieures à 81.7613.1
- EcoStruxure Geo SCADA Expert 2020 versions antérieures à 83.7613.1
- Modicon M340 CPU BMXP34* versions antérieures à V3.3
- Modicon M340 Ethernet Communication modules BMXNOC0401 versions antérieures à V2.10 (*)
- Modicon M340 Ethernet Communication modules BMXNOE0100 versions antérieures à V3.4
- Modicon M340 Ethernet Communication modules BMXNOE0110 versions antérieures à V6.6
- Modicon Premium processors with integrated Ethernet COPRO TSXP574634, TSXP575634, TSXP576634
- Modicon Quantum CPUs 140CPU65xxxxx versions antérieures à V6.1 (*)
- Modicon Quantum communication modules 140NOE771x1 versions antérieures à V7.3 (*)
- Modicon Quantum communication modules 140NOC78x00 versions antérieures à V1.74 (*)
- Modicon Quantum communication modules 140NOC77101 versions antérieures à V1.08
- Modicon Premium communication modules TSXETY4103 versions antérieures à V6.2 (*)
- Modicon Premium communication modules TSXETY5103 versions antérieures à V6.4 (*)
- Modicon Premium CPUs TSXP574634, TSXP575634, TSXP576634 versions antérieures à V6.1 (*)
- BMXNOE0100
- BMXNOE0110
- BMXNOR0200H
- BMXNOR200H
- Modicon M580 CPUs BMEx58xxxxx microgiciel versions antérieures à 3.20
- Modicon M258 versions antérieures à 5.0.4.11
- SoMachine/SoMachine Motion software
(*) ces versions ne corrigent pas toutes les vulnérabilités
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cul\u003e \u003cli\u003eEcoStruxure\u2122 Control Expert\u003c/li\u003e \u003cli\u003eUnity Pro (former name of EcoStruxure\u2122 Control Expert)\u003c/li\u003e \u003cli\u003eEcoStruxure Geo SCADA Expert 2019 versions ant\u00e9rieures \u00e0 81.7613.1\u003c/li\u003e \u003cli\u003eEcoStruxure Geo SCADA Expert 2020 versions ant\u00e9rieures \u00e0 83.7613.1\u003c/li\u003e \u003cli\u003eModicon M340 CPU BMXP34* versions ant\u00e9rieures \u00e0 V3.3\u003c/li\u003e \u003cli\u003eModicon M340 Ethernet Communication modules BMXNOC0401 versions ant\u00e9rieures \u00e0 V2.10 (*)\u003c/li\u003e \u003cli\u003eModicon M340 Ethernet Communication modules BMXNOE0100 versions ant\u00e9rieures \u00e0 V3.4\u003c/li\u003e \u003cli\u003eModicon M340 Ethernet Communication modules BMXNOE0110 versions ant\u00e9rieures \u00e0 V6.6\u003c/li\u003e \u003cli\u003eModicon Premium processors with integrated Ethernet COPRO TSXP574634, TSXP575634, TSXP576634\u003c/li\u003e \u003cli\u003eModicon Quantum CPUs 140CPU65xxxxx versions ant\u00e9rieures \u00e0 V6.1 (*)\u003c/li\u003e \u003cli\u003eModicon Quantum communication modules 140NOE771x1 versions ant\u00e9rieures \u00e0 V7.3 (*)\u003c/li\u003e \u003cli\u003eModicon Quantum communication modules 140NOC78x00 versions ant\u00e9rieures \u00e0 V1.74 (*)\u003c/li\u003e \u003cli\u003eModicon Quantum communication modules 140NOC77101 versions ant\u00e9rieures \u00e0 V1.08\u003c/li\u003e \u003cli\u003eModicon Premium communication modules TSXETY4103 versions ant\u00e9rieures \u00e0 V6.2 (*)\u003c/li\u003e \u003cli\u003eModicon Premium communication modules TSXETY5103 versions ant\u00e9rieures \u00e0 V6.4 (*)\u003c/li\u003e \u003cli\u003eModicon Premium CPUs TSXP574634, TSXP575634, TSXP576634 versions ant\u00e9rieures \u00e0 V6.1 (*)\u003c/li\u003e \u003cli\u003eBMXNOE0100\u003c/li\u003e \u003cli\u003eBMXNOE0110\u003c/li\u003e \u003cli\u003eBMXNOR0200H\u003c/li\u003e \u003cli\u003eBMXNOR200H\u003c/li\u003e \u003cli\u003eModicon M580 CPUs BMEx58xxxxx microgiciel versions ant\u00e9rieures \u00e0 3.20\u003c/li\u003e \u003cli\u003eModicon M258 versions ant\u00e9rieures \u00e0 5.0.4.11\u003c/li\u003e \u003cli\u003eSoMachine/SoMachine Motion software\u003c/li\u003e \u003c/ul\u003e \u003cp\u003e(*) ces versions ne corrigent pas toutes les vuln\u00e9rabilit\u00e9s\u003c/p\u003e ",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-7535",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7535"
},
{
"name": "CVE-2020-7542",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7542"
},
{
"name": "CVE-2020-7549",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7549"
},
{
"name": "CVE-2020-7537",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7537"
},
{
"name": "CVE-2020-7560",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7560"
},
{
"name": "CVE-2020-28219",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28219"
},
{
"name": "CVE-2020-7536",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7536"
},
{
"name": "CVE-2020-7543",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7543"
},
{
"name": "CVE-2020-28220",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28220"
},
{
"name": "CVE-2020-7540",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7540"
}
],
"initial_release_date": "2020-12-08T00:00:00",
"last_revision_date": "2020-12-08T00:00:00",
"links": [],
"reference": "CERTFR-2020-AVI-801",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-12-08T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSchneider. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode arbitraire, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Schneider",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2020-343-02 du 06 d\u00e9cembre 2020",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-02/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2020-343-06 du 06 d\u00e9cembre 2020",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-06/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2020-343-01 du 06 d\u00e9cembre 2020",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-01/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2020-343-07 du 06 d\u00e9cembre 2020",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-07/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2020-343-04 du 06 d\u00e9cembre 2020",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-04/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2020-343-05 du 06 d\u00e9cembre 2020",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-05/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2020-343-09 du 06 d\u00e9cembre 2020",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-09/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2020-343-08 du 06 d\u00e9cembre 2020",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-08/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2020-343-03 du 06 d\u00e9cembre 2020",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-03/"
}
]
}
GHSA-F47W-6H97-HPPP
Vulnerability from github – Published: 2022-05-24 17:36 – Updated: 2022-05-24 17:36
VLAI?
Details
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium (see security notifications for affected versions), that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller.
{
"affected": [],
"aliases": [
"CVE-2020-7543"
],
"database_specific": {
"cwe_ids": [
"CWE-754"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-12-11T01:15:00Z",
"severity": "HIGH"
},
"details": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum \u0026 Modicon Premium (see security notifications for affected versions), that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller.",
"id": "GHSA-f47w-6h97-hppp",
"modified": "2022-05-24T17:36:08Z",
"published": "2022-05-24T17:36:08Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7543"
},
{
"type": "WEB",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-08"
}
],
"schema_version": "1.4.0",
"severity": []
}
FKIE_CVE-2020-7543
Vulnerability from fkie_nvd - Published: 2020-12-11 01:15 - Updated: 2024-11-21 05:37
Severity ?
Summary
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium (see security notifications for affected versions), that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584040_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C2208FD-0126-4ECF-97DF-89998EE90A5F",
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC4A1DF2-FF4C-4DBE-BF74-6A4A09E3DECE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AB772761-8859-4AA5-ACAC-4A5859FCE0A9",
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBCCDD6D-35CE-4680-8B0C-86584B1D8958",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep586040_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5B0DB061-8B7F-4FEC-9275-6FFE045DCE81",
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B3C1879-269B-47EB-891B-EF2E90C911D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep585040_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BAA3B4D9-7F47-4813-9784-EB7BF53A32DE",
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5376D9F4-8AFB-4909-A11B-33C54C4220DB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582020_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE7D852A-18A3-4AB8-B6AD-4B9815950CC4",
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "765E4FEE-255E-4C47-824A-5661B84B490B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep581020_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4325AE79-6FDA-47A7-B3A6-C47C5C2C510D",
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2317F260-7AA2-4178-B468-03DF36223E26",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584020_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6149E270-E76E-4011-A488-2571499A6C76",
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47DFEBAC-2F1D-4870-8425-2199BF80B425",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep583040_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6AF74D66-DEF7-4A05-A6FC-15645BA8B8AB",
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583040:-:*:*:*:*:*:*:*",
"matchCriteriaId": "002E7F33-6729-4C35-9DDA-7D8383BD5668",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep583020_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A4810AB-2986-4152-9E48-488959A15361",
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBC38FF1-693E-4899-883C-1B7B80A52F2C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C440362A-7E0E-497C-B275-409E9B57D8A2",
"versionEndExcluding": "3.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B6ACCC66-4075-4EE9-A6BA-01EF7529C568",
"versionEndExcluding": "3.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D150239-27E2-4CBE-A931-5107C15E362F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD031F4E-9F3C-4035-AFB8-B7442F1B2475",
"versionEndExcluding": "3.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98212CF5-BCF4-4A55-B62A-484569687B4E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102cl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1C1D1498-1069-4080-8EB4-3BA6C0DC2CEA",
"versionEndExcluding": "3.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102cl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D30336F0-EDCF-486C-B52E-D0C53BCDFC65",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5481772-5E18-4985-A5E5-F7223B52A90B",
"versionEndExcluding": "3.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A83CF92-F35F-416F-B571-CA5600BF671F",
"versionEndExcluding": "3.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "354968F7-C41B-4C21-8E47-81DC07DF0EA5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302cl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E506AD9-C302-4D41-B971-46DE19AF83FB",
"versionEndExcluding": "3.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302cl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32091F91-9397-4506-8801-C68B9E8B60F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum \u0026 Modicon Premium (see security notifications for affected versions), that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller."
},
{
"lang": "es",
"value": "Una CWE-754: Se presenta una vulnerabilidad de Comprobaci\u00f3n Inapropiada de Condiciones Inusuales o Excepcionales en Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum \u0026amp; Modicon Premium (consulte las notificaciones de seguridad para las versiones afectadas), que podr\u00eda causar una denegaci\u00f3n de servicio cuando una petici\u00f3n Read Physical Memory especialmente dise\u00f1ada a trav\u00e9s de Modbus es enviada hacia el controlador"
}
],
"id": "CVE-2020-7543",
"lastModified": "2024-11-21T05:37:20.977",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-12-11T01:15:12.580",
"references": [
{
"source": "cybersecurity@se.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-08/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-08/"
}
],
"sourceIdentifier": "cybersecurity@se.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-754"
}
],
"source": "cybersecurity@se.com",
"type": "Secondary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…