CVE-2021-22789 - OpenCVE

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions).

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:S/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Schneider-electric	Modicon Momentum 171cbu98090 Modicon Premium Tsxp57 1634m Modicon M580 Bmeh582040 Modicon Premium Tsxp57 6634m Modicon M580 Bmeh584040s Modicon M580 Bmep581020h Modicon M580 Bmep586040 Modicon Premium Tsxp57 5634m Modicon M580 Bmep584020 Modicon M580 Bmep584040 Modicon M580 Bmep585040c Modicon M580 Bmep583020 Modicon M340 Bmxp341000 Modicon M580 Bmep582020h Modicon M580 Bmep585040 Modicon Quantum 140cpu65150c Modicon M580 Bmep582020 Modicon M580 Bmep581020 Modicon Quantum 140cpu65160 Modicon M580 Bmep584040s Modicon Momentum 171cbu98091 Modicon Premium Tsxp57 554m Modicon Premium Tsxp57 2634m Modicon Mc80 Bmkc8030311 Modicon M580 Bmep582040s Modicon Quantum 140cpu65160c Modicon M340 Bmxp342030 Modicon Momentum 171cbu78090 Modicon M580 Bmeh584040 Modicon Premium Tsxp57 454m Modicon Premium Tsxp57 4634m Modicon M580 Bmeh586040c Plc Simulator For Ecostruxure Process Expert Modicon M580 Bmeh586040 Modicon M340 Bmxp342020 Modicon M580 Bmeh582040s Modicon M580 Bmeh586040s Modicon M580 Bmep583040 Modicon M580 Bmep582040h Modicon M580 Bmeh582040c Modicon M580 Bmep582040 Modicon Mc80 Bmkc8020310 Modicon Quantum 140cpu65150 Plc Simulator For Ecostruxure Control Expert Modicon M340 Bmxp342010 Modicon Premium Tsxp57 2834m Modicon M580 Bmeh584040c Modicon M580 Bmep586040c Modicon Mc80 Bmkc8020301

Configuration 1 [-]

OR	cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m340_bmxp342010:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040c:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040s:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040c:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040s:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040c:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040s:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmep581020:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmep581020h:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmep582020:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmep582020h:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmep582040:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmep582040h:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmep582040s:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmep583020:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmep583040:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmep584020:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmep584040:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmep584040s:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmep585040:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmep585040c:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmep586040:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmep586040c:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8020301:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8020310:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8030311:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_momentum_171cbu78090:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_momentum_171cbu98090:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_momentum_171cbu98091:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_1634m:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_2634m:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_2834m:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_454m:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_4634m:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_554m:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_5634m:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_6634m:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65150:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65150c:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65160:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65160c:-:::::::*
	cpe:2.3:h:schneider-electric:plc_simulator_for_ecostruxure_control_expert:-:::::::*
	cpe:2.3:h:schneider-electric:plc_simulator_for_ecostruxure_process_expert:-:::::::*