Skip to main content

140Noc78100 Firmware

5 CVEs product

Monthly

CVE-2020-7549 MEDIUM This Month

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Modicon M340 Bmxp341000 Firmware Modicon M340 Bmxp342000 Firmware Modicon M340 Bmxp3420102 Firmware Modicon M340 Bmxp3420102Cl Firmware +15
NVD VulDB
CVSS 3.1
5.3
EPSS
0.5%
CVE-2020-7541 MEDIUM This Month

A CWE-425: Direct Request ('Forced Browsing') vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Modicon M340 Bmxp341000 Firmware Modicon M340 Bmxp342000 Firmware Modicon M340 Bmxp3420102 Firmware Modicon M340 Bmxp3420102Cl Firmware +16
NVD
CVSS 3.1
5.3
EPSS
0.9%
CVE-2020-7540 CRITICAL Act Now

A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Modicon M340 Bmxp341000 Firmware Modicon M340 Bmxp342000 Firmware Modicon M340 Bmxp3420102 Firmware Modicon M340 Bmxp3420102Cl Firmware +19
NVD
CVSS 3.1
9.8
EPSS
2.2%
CVE-2020-7539 HIGH This Week

A CWE-754 Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Modicon M340 Bmxp341000 Firmware Modicon M340 Bmxp342000 Firmware Modicon M340 Bmxp3420102 Firmware Modicon M340 Bmxp3420102Cl Firmware +16
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2020-7535 HIGH This Week

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal' Vulnerability Type) vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Modicon M340 Bmxp341000 Firmware Modicon M340 Bmxp342000 Firmware Modicon M340 Bmxp3420102 Firmware Modicon M340 Bmxp3420102Cl Firmware +17
NVD
CVSS 3.1
7.5
EPSS
1.5%
EPSS 1% CVSS 5.3
MEDIUM This Month

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Modicon M340 Bmxp341000 Firmware Modicon M340 Bmxp342000 Firmware +17
NVD VulDB
EPSS 1% CVSS 5.3
MEDIUM This Month

A CWE-425: Direct Request ('Forced Browsing') vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Modicon M340 Bmxp341000 Firmware Modicon M340 Bmxp342000 Firmware +18
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Modicon M340 Bmxp341000 Firmware Modicon M340 Bmxp342000 Firmware +21
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A CWE-754 Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Modicon M340 Bmxp341000 Firmware Modicon M340 Bmxp342000 Firmware +18
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal' Vulnerability Type) vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Modicon M340 Bmxp341000 Firmware Modicon M340 Bmxp342000 Firmware +19
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy