Vulnerabilities (CVE)

Filtered by vendor Schneider-electric Subscribe
Filtered by product Modicon Bmxcra Firmware
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-6842 1 Schneider-electric 8 Modicon 140cra, Modicon 140cra Firmware, Modicon Bmxcra and 5 more 2024-02-28 4.0 MEDIUM 4.9 MEDIUM
A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA and 140CRA modules (all firmware versions), which could cause a Denial of Service attack on the PLC when upgrading the firmware with a missing web server image inside the package using FTP protocol.
CVE-2019-6847 1 Schneider-electric 8 Modicon 140cra, Modicon 140cra Firmware, Modicon Bmxcra and 5 more 2024-02-28 4.0 MEDIUM 4.9 MEDIUM
A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA and 140CRA modules (all firmware versions), which could cause a Denial of Service attack on the FTP service when upgrading the firmware with a version incompatible with the application in the controller using FTP protocol.
CVE-2019-6846 1 Schneider-electric 8 Modicon 140cra, Modicon 140cra Firmware, Modicon Bmxcra and 5 more 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA and 140CRA modules (all firmware versions), which could cause information disclosure when using the FTP protocol.
CVE-2019-6844 1 Schneider-electric 8 Modicon 140cra, Modicon 140cra Firmware, Modicon Bmxcra and 5 more 2024-02-28 4.0 MEDIUM 4.9 MEDIUM
A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA and 140CRA modules (all firmware versions), which could cause a Denial of Service atack on the PLC when upgrading the controller with a firmware package containing an invalid web server image using FTP protocol.
CVE-2019-6841 1 Schneider-electric 8 Modicon 140cra, Modicon 140cra Firmware, Modicon Bmxcra and 5 more 2024-02-28 4.0 MEDIUM 4.9 MEDIUM
A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580 with firmware (version prior to V3.10), Modicon M340 (all firmware versions), and Modicon BMxCRA and 140CRA modules (all firmware versions), which could cause a Denial of Service attack on the PLC when upgrading the firmware with no firmware image inside the package using FTP protocol.
CVE-2019-6843 1 Schneider-electric 8 Modicon 140cra, Modicon 140cra Firmware, Modicon Bmxcra and 5 more 2024-02-28 4.0 MEDIUM 4.9 MEDIUM
A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580 with firmware (version prior to V3.10), Modicon M340 (all firmware versions), and Modicon BMxCRA and 140CRA modules (all firmware versions), which could cause a Denial of Service attack on the PLC when upgrading the controller with an empty firmware package using FTP protocol.