Schneider Electric Modicon M580 Vulnérabilités

Chronologie

Version

2.0	1
2.1	1
2.2	1
2.3	1
2.4	1

Contre-mesures

Official Fix	14
Temporary Fix	0
Workaround	2
Unavailable	0
Not Defined	36

Exploitabilité

High	0
Functional	0
Proof-of-Concept	0
Unproven	0
Not Defined	52

Vecteur d'accès

Not Defined	0
Physical	3
Local	0
Adjacent	0
Network	49

Authentification

Not Defined	0
High	4
Low	4
None	44

Interaction de l'utilisateur

Not Defined	0
Required	6
None	46

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	4
≤5	6
≤6	2
≤7	27
≤8	6
≤9	7
≤10	0

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	4
≤5	6
≤6	4
≤7	26
≤8	6
≤9	6
≤10	0

VulDB

≤1	0
≤2	0
≤3	7
≤4	1
≤5	5
≤6	25
≤7	2
≤8	10
≤9	2
≤10	0

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	4
≤6	2
≤7	2
≤8	28
≤9	1
≤10	6

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	3
≤9	2
≤10	1

Fournisseur

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploiter 0 jour

<1k	16
<2k	31
<5k	5
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Exploiter aujourd'hui

<1k	47
<2k	4
<5k	1
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Affected Versions (80): 2.0, 2.1, 2.2, 2.3, 2.4, 2.5, 2.6, 2.7, 2.8, 2.9, 2.10, 2.11, 2.12, 2.13, 2.14, 2.15, 2.16, 2.17, 2.18, 2.19, 2.20, 2.21, 2.22, 2.23, 2.24, 2.25, 2.26, 2.27, 2.28, 2.29, 2.30, 2.31, 2.32, 2.33, 2.34, 2.35, 2.36, 2.37, 2.38, 2.39, 2.40, 2.41, 2.42, 2.43, 2.44, 2.45, 2.46, 2.47, 2.48, 2.49, 2.50, 2.51, 2.52, 2.53, 2.54, 2.55, 2.56, 2.57, 2.58, 2.59, 2.60, 2.61, 2.62, 2.63, 2.64, 2.65, 2.66, 2.67, 2.68, 2.69, 2.70, 2.71, 2.72, 2.73, 2.74, 2.75, 2.76, 2.77, 2.78, 2.79

Link to Product Website: https://www.schneider-electric.com/

Type de logiciel: SCADA Software

Publié	Base	Temp	Vulnérabilité	0day	Aujourd'hui	Exp	Con	CTI	CVE
14/02/2024	8.1	7.9	Schneider Electric Modicon M340 CPU elévation de privilèges	$0-$5k	$0-$5k	Not Defined	Official Fix	0.04	CVE-2023-6408
01/02/2023	6.4	6.3	Schneider Electric Modicon M340 CPU Modbus TCP Protocol divulgation de l'information	$0-$5k	$0-$5k	Not Defined	Official Fix	0.06	CVE-2021-22786
31/01/2023	8.7	8.7	Schneider Electric EcoStruxure Control Expert authentification faible	$0-$5k	$0-$5k	Not Defined	Not Defined	0.05	CVE-2022-45789
30/01/2023	7.4	7.4	Schneider Electric EcoStruxure Control Expert Project File elévation de privilèges	$0-$5k	$0-$5k	Not Defined	Not Defined	0.03	CVE-2022-45788
22/11/2022	7.5	7.5	Schneider Electric Modicon MC80 Modbus TCP Protocol buffer overflow	$0-$5k	$0-$5k	Not Defined	Not Defined	0.02	CVE-2022-37301
13/09/2022	8.5	8.5	Schneider Electric EcoStruxure Control Expert Modbus elévation de privilèges	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2022-37300
02/09/2021	4.3	4.1	Schneider Electric Modicon M580 CPU Project File dénie de service	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2021-22792
02/09/2021	6.3	6.0	Schneider Electric Modicon M580 CPU Project File buffer overflow	$0-$5k	$0-$5k	Not Defined	Official Fix	0.04	CVE-2021-22791
02/09/2021	4.3	4.1	Schneider Electric Modicon M580 CPU Project File divulgation de l'information	$0-$5k	$0-$5k	Not Defined	Official Fix	0.04	CVE-2021-22790
02/09/2021	6.3	6.0	Schneider Electric Modicon M580 CPU Project File buffer overflow	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2021-22789