High severity7.5NVD Advisory· Published Jun 30, 2017· Updated May 13, 2026

CVE-2017-6017

Description

A Resource Exhaustion issue was discovered in Schneider Electric Modicon M340 PLC BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP341000, BMXP342000, BMXP3420102, BMXP3420102CL, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, and BMXP342030H. A remote attacker could send a specially crafted set of packets to the PLC causing it to freeze, requiring the operator to physically press the reset button on the PLC in order to recover.

Affected products

Schneider Electric/Bmxnoc0401 Firmware
cpe:2.3:o:schneider-electric:bmxnoc0401_firmware:2.8:*:*:*:*:*:*:*
Schneider Electric/Bmxnoe0100 Firmware
cpe:2.3:o:schneider-electric:bmxnoe0100_firmware:2.8:*:*:*:*:*:*:*
Schneider Electric/Bmxnoe0110 Firmware
cpe:2.3:o:schneider-electric:bmxnoe0110_firmware:2.8:*:*:*:*:*:*:*
Schneider Electric/Bmxnoe0110h Firmware
cpe:2.3:o:schneider-electric:bmxnoe0110h_firmware:2.8:*:*:*:*:*:*:*
Schneider Electric/Bmxnor0200h Firmware
cpe:2.3:o:schneider-electric:bmxnor0200h_firmware:2.8:*:*:*:*:*:*:*
Schneider Electric/Modicon M340 Bmxp341000 Firmware
cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:2.8:*:*:*:*:*:*:*
Schneider Electric/Modicon M340 Bmxp342000 Firmware
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:2.8:*:*:*:*:*:*:*
Schneider Electric/Modicon M340 Bmxp3420102cl Firmware
cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102cl_firmware:2.8:*:*:*:*:*:*:*
Schneider Electric/Modicon M340 Bmxp3420102 Firmware
cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:2.8:*:*:*:*:*:*:*
Schneider Electric/Modicon M340 Bmxp342020 Firmware
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:2.8:*:*:*:*:*:*:*
Schneider Electric/Modicon M340 Bmxp342020h Firmware
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020h_firmware:2.8:*:*:*:*:*:*:*
Schneider Electric/Modicon M340 Bmxp3420302 Firmware
cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:2.8:*:*:*:*:*:*:*
Schneider Electric/Modicon M340 Bmxp3420302h Firmware
cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302h_firmware:2.8:*:*:*:*:*:*:*
Schneider Electric/Modicon M340 Bmxp342030 Firmware
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030_firmware:2.8:*:*:*:*:*:*:*
Schneider Electric/Modicon M340 Bmxp342030h Firmware
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030h_firmware:2.8:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/96414nvdThird Party AdvisoryVDB Entry
ics-cert.us-cert.gov/advisories/ICSA-17-054-03nvdMitigationThird Party AdvisoryUS Government Resource
www.schneider-electric.com/en/download/document/SEVD-2017-048-02/nvd

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.004
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000