A Resource Exhaustion issue was discovered in Schneider Electric Modicon M340 PLC BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP341000, BMXP342000, BMXP3420102, BMXP3420102CL, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, and BMXP342030H. A remote attacker could send a specially crafted set of packets to the PLC causing it to freeze, requiring the operator to physically press the reset button on the PLC in order to recover.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:N/AC:L/Au:N/C:N/I:N/A:C
Vendors Products
Schneider-electric
  • Bmxnoc0401
  • Modicon M340 Bmxp342030h Firmware
  • Modicon M340 Bmxp341000
  • Modicon M340 Bmxp3420102cl Firmware
  • Bmxnoe0100
  • Bmxnoe0110h
  • Modicon M340 Bmxp342000 Firmware
  • Modicon M340 Bmxp3420302
  • Modicon M340 Bmxp3420302h Firmware
  • Modicon M340 Bmxp342030 Firmware
  • Modicon M340 Bmxp3420302 Firmware
  • Modicon M340 Bmxp342030
  • Modicon M340 Bmxp342000
  • Modicon M340 Bmxp342020h
  • Modicon M340 Bmxp341000 Firmware
  • Modicon M340 Bmxp342030h
  • Modicon M340 Bmxp342020h Firmware
  • Bmxnoe0110 Firmware
  • Modicon M340 Bmxp342020
  • Bmxnoe0110h Firmware
  • Bmxnoe0110
  • Bmxnor0200h Firmware
  • Modicon M340 Bmxp3420102
  • Modicon M340 Bmxp3420102 Firmware
  • Modicon M340 Bmxp3420102cl
  • Modicon M340 Bmxp342020 Firmware
  • Modicon M340 Bmxp3420302h
  • Bmxnoe0100 Firmware
  • Bmxnoc0401 Firmware
  • Bmxnor0200h

Configuration 1 [-]

AND
cpe:2.3:o:schneider-electric:bmxnoc0401_firmware:2.8:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:bmxnoc0401:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:o:schneider-electric:bmxnoe0100_firmware:2.8:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:bmxnoe0100:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:schneider-electric:bmxnoe0110_firmware:2.8:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:bmxnoe0110:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:o:schneider-electric:bmxnoe0110h_firmware:2.8:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:bmxnoe0110h:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:schneider-electric:bmxnor0200h_firmware:2.8:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:bmxnor0200h:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:2.8:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:2.8:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:2.8:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102cl_firmware:2.8:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102cl:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:2.8:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020h_firmware:2.8:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020h:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030_firmware:2.8:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND
cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:2.8:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND
cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302h_firmware:2.8:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302h:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030h_firmware:2.8:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030h:-:*:*:*:*:*:*:*
References
Link Resource
http://www.securityfocus.com/bid/96414 Third Party Advisory VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-17-054-03 Mitigation Third Party Advisory US Government Resource
https://www.schneider-electric.com/en/download/document/SEVD-2017-048-02/
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: icscert

Published: 2017-06-30T02:35:00

Updated: 2018-12-24T15:57:01

Reserved: 2017-02-16T00:00:00

Link: CVE-2017-6017

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2017-06-30T03:29:00.233

Modified: 2024-04-10T12:28:45.957

Link: CVE-2017-6017

JSON object: View

cve-icon Redhat Information

No data.

CWE