VYPR

Modicon Momentum MDI

by Schneider Electric

CVEs (2)

  • CVE-2021-22786HigFeb 1, 2023
    risk 0.49cvss 7.5epss 0.01

    A CWE-200: Information Exposure vulnerability exists that could cause the exposure of sensitive information stored on the memory of the controller when communicating over the Modbus TCP protocol. Affected Products: Modicon M340 CPU (part numbers BMXP34*) (Versions prior to…

  • CVE-2022-37301HigNov 22, 2022
    risk 0.49cvss 7.5epss 0.01

    A CWE-191: Integer Underflow (Wrap or Wraparound) vulnerability exists that could cause a denial of service of the controller due to memory access violations when using the Modbus TCP protocol. Affected products: Modicon M340 CPU (part numbers BMXP34*)(V3.40 and prior), Modicon…