A CWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause a denial of service on ports 80 (HTTP) and 502 (Modbus), when sending a large number of TCP RST or FIN packets to any open TCP port of the PLC. Affected Product: Modicon M340 CPUs: BMXP34 (All Versions)
References
Link | Resource |
---|---|
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-01 | Mitigation Patch Vendor Advisory |
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-01 | Mitigation Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
History
21 Nov 2024, 06:47
Type | Values Removed | Values Added |
---|---|---|
References | () https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-01 - Mitigation, Patch, Vendor Advisory |
Information
Published : 2022-02-04 23:15
Updated : 2024-11-21 06:47
NVD link : CVE-2022-22724
Mitre link : CVE-2022-22724
CVE.ORG link : CVE-2022-22724
JSON object : View
Products Affected
schneider-electric
- modicon_m340_bmxp3420302_firmware
- modicon_m340_bmxp342000_firmware
- modicon_m340_bmxp341000
- modicon_m340_bmxp3420302
- modicon_m340_bmxp3420102_firmware
- modicon_m340_bmxp3420102
- modicon_m340_bmxp341000_firmware
- modicon_m340_bmxp342000
- modicon_m340_bmxp342030_firmware
- modicon_m340_bmxp342010_firmware
- modicon_m340_bmxp342030
- modicon_m340_bmxp342010
CWE
CWE-400
Uncontrolled Resource Consumption