Skip to main content

Modicon M100 Firmware

2 CVEs product

Monthly

CVE-2020-7489 CRITICAL PATCH Act Now

A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability exists on EcoStruxure Machine Expert - Basic or SoMachine Basic programming. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Code Injection Ecostruxure Machine Expert Somachine Basic Modicon M100 Firmware Modicon M200 Firmware +1
NVD VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2019-6820 HIGH This Week

A CWE-306: Missing Authentication for Critical Function vulnerability exists which could cause a modification of device IP configuration (IP address, network mask and gateway IP address) when a. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Modicon M100 Firmware Modicon M200 Firmware Modicon M221 Firmware Atv Imc Drive Controller Firmware +8
NVD VulDB
CVSS 3.1
8.2
EPSS
0.3%
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability exists on EcoStruxure Machine Expert - Basic or SoMachine Basic programming. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Code Injection Ecostruxure Machine Expert Somachine Basic +3
NVD VulDB
EPSS 0% CVSS 8.2
HIGH This Week

A CWE-306: Missing Authentication for Critical Function vulnerability exists which could cause a modification of device IP configuration (IP address, network mask and gateway IP address) when a. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Modicon M100 Firmware Modicon M200 Firmware +10
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy