Modicon Schwachstellen

Zeitverlauf

Typ

SCADA Software	14

Produkt

Modicon M340	6
Modicon Premium	6
Modicon Quantum PLCs	6
Modicon BMXNOR0200	6
Modicon M580 CPU BMEP582040	2

Massnahmen

Official Fix	2
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	12

Ausnutzbarkeit

High	0
Functional	0
Proof-of-Concept	0
Unproven	0
Not Defined	14

Zugriffsart

Not Defined	0
Physical	0
Local	0
Adjacent	0
Network	14

Authentisierung

Not Defined	0
High	2
Low	0
None	12

Benutzeraktivität

Not Defined	0
Required	4
None	10

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	2
≤5	0
≤6	4
≤7	2
≤8	4
≤9	2
≤10	0

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	2
≤5	0
≤6	4
≤7	2
≤8	4
≤9	2
≤10	0

VulDB

≤1	0
≤2	0
≤3	2
≤4	2
≤5	4
≤6	0
≤7	0
≤8	6
≤9	0
≤10	0

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	2
≤6	0
≤7	2
≤8	6
≤9	2
≤10	2

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Hersteller

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploit 0-day

<1k	6
<2k	6
<5k	2
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Exploit heute

<1k	14
<2k	0
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Exploitmarktvolumen

🔴 CTI Aktivitäten

Affected Products (15): BMXNOR0200 (8), Controller (1), EcoStruxure Control ExpertUnity Pro (1), Ethernet Module BMENOC0301 (1), M218 (2), M241 (2), M251 (2), M258 (2), M340 (9), M580 (1), M580 CPU BMEP582040 (1), Modicon M580 (1), Premium (8), Quantum PLC (3), Quantum PLCs (5)

Veröffentlicht	Base	Temp	Schwachstelle	Prod	Aus	Mas	EPSS	CTI	CVE
22.04.2020	5.6	5.6	Modicon M218/M241/M251/M258 schwache Verschlüsselung	SCADA Software	Not Defined	Not Defined	0.00168	0.04	CVE-2020-7488
22.04.2020	8.5	8.5	Modicon M218/M241/M251/M258 schwache Authentisierung	SCADA Software	Not Defined	Not Defined	0.00222	0.00	CVE-2020-7487
22.04.2020	7.4	7.4	Modicon Controller Communication Module schwache Authentisierung	SCADA Software	Not Defined	Not Defined	0.00168	0.00	CVE-2019-6859
23.03.2020	8.5	8.2	Modicon /EcoStruxure Control ExpertUnity Pro/M340/M580 Downstream Component erweiterte Rechte	SCADA Software	Not Defined	Official Fix	0.00233	0.04	CVE-2020-7475
29.10.2019	3.8	3.8	Modicon Modicon M580 Application erweiterte Rechte	SCADA Software	Not Defined	Not Defined	0.00081	0.00	CVE-2019-6847
15.07.2019	7.5	7.3	Modicon M580 CPU BMEP582040/Ethernet Module BMENOC0301 FTP Service Pufferüberlauf	SCADA Software	Not Defined	Official Fix	0.00103	0.00	CVE-2018-7838
17.12.2018	6.4	6.4	Modicon M340/Premium/Quantum PLC/BMXNOR0200 Embedded Web Server erweiterte Rechte	SCADA Software	Not Defined	Not Defined	0.00110	0.00	CVE-2018-7833
17.12.2018	6.4	6.4	Modicon M340/Premium/Quantum PLC/BMXNOR0200 Embedded Web Server Information Disclosure	SCADA Software	Not Defined	Not Defined	0.00178	0.04	CVE-2018-7812
17.12.2018	6.6	6.6	Modicon M340/Premium/Quantum PLC/BMXNOR0200 Embedded Web Server Redirect	SCADA Software	Not Defined	Not Defined	0.00078	0.02	CVE-2018-7804
30.11.2018	6.5	6.5	Modicon M340/Premium/Quantum PLCs/BMXNOR0200 Embedded Web Server Cross Site Request Forgery	SCADA Software	Not Defined	Not Defined	0.00098	0.00	CVE-2018-7831

4 weitere Einträge werden nicht mehr angezeigt

🔒 Login Required

You need to signup and login to see more of the remaining 4 results.

◂ ZurückÜbersichtWeiter ▸

Do you know our Splunk app?

Download it now for free!