CVE-2020-7549 - OpenCVE

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause denial of HTTP and FTP services when a series of specially crafted requests is sent to the controller over HTTP.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Schneider-electric	140cpu65150 Bmxnoc0401 Tsxp574634 Modicon M340 Bmxp3420302cl Firmware Modicon M340 Bmxp341000 Modicon M340 Bmxp3420102cl Firmware Bmxnoe0100 Modicon M340 Bmxp342000 Firmware Modicon M340 Bmxp3420302 140cpu65150 Firmware 140noc78000 Firmware Tsxp575634 Modicon M340 Bmxp3420302 Firmware 140noc78000 140noc78100 Tsxp574634 Firmware 140noc78100 Firmware Tsxety4103 Firmware Tsxety5103 Modicon M340 Bmxp342000 Modicon M340 Bmxp341000 Firmware Tsxp576634 Tsxety5103 Firmware 140noe77111 Firmware Bmxnoe0110 Firmware Modicon M340 Bmxp342020 Modicon M340 Bmxp3420302cl Tsxp575634 Firmware Bmxnoe0110 Modicon M340 Bmxp3420102 Modicon M340 Bmxp3420102 Firmware Modicon M340 Bmxp3420102cl Tsxp576634 Firmware Modicon M340 Bmxp342020 Firmware Bmxnoe0100 Firmware Bmxnoc0401 Firmware Tsxety4103 140noe77111

Configuration 1 [-]

AND

cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102cl_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102cl:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302cl_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302cl:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:schneider-electric:bmxnoe0100_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:bmxnoe0100:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:schneider-electric:bmxnoe0110_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:bmxnoe0110:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:schneider-electric:bmxnoc0401_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:bmxnoc0401:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:schneider-electric:140noe77111_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:140noe77111:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:schneider-electric:140noc78100_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:140noc78100:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:schneider-electric:140noc78000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:140noc78000:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:schneider-electric:140cpu65150_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:140cpu65150:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:schneider-electric:tsxety4103_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:tsxety4103:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:schneider-electric:tsxety5103_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:tsxety5103:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:schneider-electric:tsxp574634_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:tsxp574634:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:schneider-electric:tsxp575634_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:tsxp575634:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:schneider-electric:tsxp576634_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:tsxp576634:-:*:*:*:*:*:*:*

References

Link	Resource
https://www.se.com/ww/en/download/document/SEVD-2020-343-06/	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: schneider

Published: 2020-12-11T00:52:26

Updated: 2020-12-11T00:52:26

Reserved: 2020-01-21T00:00:00

Link: CVE-2020-7549

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-12-11T01:15:12.627

Modified: 2024-04-10T12:28:45.957

Link: CVE-2020-7549

JSON object: View

Redhat Information

No data.

CWE

CWE-754