VYPR

Modicon M580 CPU Safety

by Schneider Electric

CVEs (2)

  • CVE-2022-45789HigJan 31, 2023
    risk 0.53cvss 8.1epss 0.01

    A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause execution of unauthorized Modbus functions on the controller when hijacking an authenticated Modbus session. Affected Products: EcoStruxure Control Expert (All Versions), EcoStruxure Process…

  • CVE-2021-22786HigFeb 1, 2023
    risk 0.49cvss 7.5epss 0.01

    A CWE-200: Information Exposure vulnerability exists that could cause the exposure of sensitive information stored on the memory of the controller when communicating over the Modbus TCP protocol. Affected Products: Modicon M340 CPU (part numbers BMXP34*) (Versions prior to…