CVE-2020-7564

A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause write access and the execution of commands when uploading a specially crafted file on the controller over FTP.

CVSS v3 8.8 HIGH
CVSS v2.0 6.5 MEDIUM

8.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

6.5^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:S/C:P/I:P/A:P

Exploitability : 8.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://www.se.com/ww/en/download/document/SEVD-2020-315-01/	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:schneider-electric:modicon_tsxety4103_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:modicon_tsxety4103:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:schneider-electric:modicon_tsxety5103_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:modicon_tsxety5103:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:schneider-electric:modicon_tsxp574634_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:modicon_tsxp574634:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:schneider-electric:modicon_tsxp575634_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:modicon_tsxp575634:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:schneider-electric:modicon_tsxp576634_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:modicon_tsxp576634:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:schneider-electric:modicon_quantum_140noe77101_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:modicon_quantum_140noe77101:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:schneider-electric:modicon_quantum_140noe77111_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:modicon_quantum_140noe77111:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:schneider-electric:modicon_quantum_140noc78100_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:modicon_quantum_140noc78100:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:schneider-electric:modicon_quantum_140cpu65150_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65150:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:schneider-electric:modicon_quantum_140cpu65150c_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65150c:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:schneider-electric:modicon_quantum_140cpu65160c_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65160c:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:schneider-electric:modicon_quantum_140cpu65160_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65160:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:schneider-electric:modicon_m340_bmx_p34-2010_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:modicon_m340_bmx_p34-2010:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:schneider-electric:modicon_m340_bmx_p34-2030_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:modicon_m340_bmx_p34-2030:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:schneider-electric:modicon_m340_bmx_noc_0401_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:modicon_m340_bmx_noc_0401:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:schneider-electric:modicon_m340_bmx_noe_0100_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:modicon_m340_bmx_noe_0100:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:schneider-electric:modicon_m340_bmx_noe_0100h_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:modicon_m340_bmx_noe_0100h:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:schneider-electric:modicon_m340_bmx_noe_0110_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:modicon_m340_bmx_noe_0110:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:schneider-electric:modicon_m340_bmx_noe_0110h_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:modicon_m340_bmx_noe_0110h:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND

cpe:2.3:o:schneider-electric:modicon_m340_bmx_nor_0200h_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:modicon_m340_bmx_nor_0200h:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2020-11-18 14:15

Updated : 2023-12-10 13:41

NVD link : CVE-2020-7564

Mitre link : CVE-2020-7564

CVE.ORG link : CVE-2020-7564

JSON object : View

Products Affected

schneider-electric

modicon_quantum_140cpu65150_firmware
modicon_m340_bmx_noe_0110_firmware
modicon_tsxety5103
modicon_m340_bmx_noc_0401_firmware
modicon_quantum_140cpu65150c_firmware
modicon_m340_bmx_noe_0110
modicon_quantum_140noe77111
modicon_tsxp574634_firmware
modicon_m340_bmx_p34-2030_firmware
modicon_tsxp575634
modicon_quantum_140noe77101_firmware
modicon_m340_bmx_noe_0100_firmware
modicon_m340_bmx_noe_0100
modicon_tsxp576634
modicon_m340_bmx_noe_0100h
modicon_m340_bmx_noe_0110h_firmware
modicon_quantum_140noc78100_firmware
modicon_m340_bmx_p34-2030
modicon_m340_bmx_noe_0110h
modicon_quantum_140noe77101
modicon_tsxp574634
modicon_tsxp575634_firmware
modicon_tsxety4103_firmware
modicon_m340_bmx_nor_0200h_firmware
modicon_m340_bmx_noe_0100h_firmware
modicon_quantum_140cpu65150c
modicon_quantum_140cpu65160c
modicon_m340_bmx_noc_0401
modicon_m340_bmx_nor_0200h
modicon_quantum_140cpu65160c_firmware
modicon_quantum_140cpu65160
modicon_m340_bmx_p34-2010_firmware
modicon_tsxety4103
modicon_m340_bmx_p34-2010
modicon_tsxety5103_firmware
modicon_quantum_140cpu65160_firmware
modicon_quantum_140cpu65150
modicon_tsxp576634_firmware
modicon_quantum_140noe77111_firmware
modicon_quantum_140noc78100

CWE

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

8.8 /10