A CWE-269: Improper Privilege Management vulnerability exists that could cause a denial of service of the Ethernet communication of the controller when sending a specific request over SNMP. Affected products: Modicon M340 CPUs(BMXP34* versions prior to V3.40), Modicon M340 X80 Ethernet Communication modules:BMXNOE0100 (H), BMXNOE0110 (H), BMXNOR0200H RTU(BMXNOE* all versions)(BMXNOR* versions prior to v1.7 IR24)
References
| Link | Resource |
|---|---|
| https://www.se.com/us/en/download/document/SEVD-2022-102-02/ | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
Configuration 5 (hide)
| AND |
|
Configuration 6 (hide)
| AND |
|
Configuration 7 (hide)
| AND |
|
Configuration 8 (hide)
| AND |
|
Configuration 9 (hide)
| AND |
|
Configuration 10 (hide)
| AND |
|
Configuration 11 (hide)
| AND |
|
Configuration 12 (hide)
| AND |
|
Configuration 13 (hide)
| AND |
|
Configuration 14 (hide)
| AND |
|
History
30 Nov 2022, 20:38
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:modicon_m340_bmxnoe0110:-:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:modicon_m340_bmxp342010:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:modicon_m340_bmxnor0200h_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:modicon_m340_bmxnoe0110_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:modicon_m340_bmxnoe0110h_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302h:-:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302h_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:modicon_m340_bmxp342010_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030h:-:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:modicon_m340_bmxnoe0100:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:modicon_m340_bmxnoe0100_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:modicon_m340_bmxnoe0110h:-:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:modicon_m340_bmxnor0200h:-:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020h_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020h:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030h_firmware:*:*:*:*:*:*:*:* |
|
| CWE | CWE-269 | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
| References | (CONFIRM) https://www.se.com/us/en/download/document/SEVD-2022-102-02/ - Vendor Advisory | |
| First Time |
Schneider-electric modicon M340 Bmxp342010
Schneider-electric modicon M340 Bmxp3420302 Firmware Schneider-electric modicon M340 Bmxnoe0110h Schneider-electric modicon M340 Bmxp342030 Firmware Schneider-electric modicon M340 Bmxp342020h Firmware Schneider-electric modicon M340 Bmxnor0200h Schneider-electric modicon M340 Bmxnor0200h Firmware Schneider-electric modicon M340 Bmxnoe0110 Firmware Schneider-electric modicon M340 Bmxp342030 Schneider-electric modicon M340 Bmxp342000 Schneider-electric modicon M340 Bmxnoe0100 Schneider-electric modicon M340 Bmxp3420102 Schneider-electric modicon M340 Bmxp342020 Schneider-electric modicon M340 Bmxp342030h Schneider-electric modicon M340 Bmxp342020h Schneider-electric modicon M340 Bmxp342030h Firmware Schneider-electric modicon M340 Bmxp3420102 Firmware Schneider-electric modicon M340 Bmxp3420302h Firmware Schneider-electric modicon M340 Bmxp342000 Firmware Schneider-electric modicon M340 Bmxnoe0100 Firmware Schneider-electric Schneider-electric modicon M340 Bmxp3420302h Schneider-electric modicon M340 Bmxp342010 Firmware Schneider-electric modicon M340 Bmxnoe0110h Firmware Schneider-electric modicon M340 Bmxp341000 Firmware Schneider-electric modicon M340 Bmxnoe0110 Schneider-electric modicon M340 Bmxp341000 Schneider-electric modicon M340 Bmxp342020 Firmware Schneider-electric modicon M340 Bmxp3420302 |
22 Nov 2022, 13:44
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2022-11-22 13:15
Updated : 2023-12-10 14:48
NVD link : CVE-2022-0222
Mitre link : CVE-2022-0222
CVE.ORG link : CVE-2022-0222
JSON object : View
Products Affected
schneider-electric
- modicon_m340_bmxnoe0110
- modicon_m340_bmxp3420302_firmware
- modicon_m340_bmxp342030h_firmware
- modicon_m340_bmxp342030h
- modicon_m340_bmxp341000
- modicon_m340_bmxp341000_firmware
- modicon_m340_bmxp342000_firmware
- modicon_m340_bmxp3420102
- modicon_m340_bmxp3420302
- modicon_m340_bmxp342000
- modicon_m340_bmxp342010_firmware
- modicon_m340_bmxnoe0110_firmware
- modicon_m340_bmxp3420302h_firmware
- modicon_m340_bmxnoe0100_firmware
- modicon_m340_bmxp342020h
- modicon_m340_bmxnor0200h
- modicon_m340_bmxnoe0100
- modicon_m340_bmxnoe0110h
- modicon_m340_bmxnor0200h_firmware
- modicon_m340_bmxp342010
- modicon_m340_bmxnoe0110h_firmware
- modicon_m340_bmxp342030_firmware
- modicon_m340_bmxp3420102_firmware
- modicon_m340_bmxp3420302h
- modicon_m340_bmxp342020h_firmware
- modicon_m340_bmxp342030
- modicon_m340_bmxp342020
- modicon_m340_bmxp342020_firmware
CWE
CWE-269
Improper Privilege Management