Vulnerabilities (CVE)

Filtered by vendor Schneider-electric Subscribe

Filtered by product 140cpu31110 Firmware

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2018-7240	1 Schneider-electric	26 140cpu31110, 140cpu31110 Firmware, 140cpu31110c and 23 more	2019-10-03	6.5 MEDIUM	8.8 HIGH
A vulnerability exists in Schneider Electric's Modicon Quantum in all versions of the communication modules which could allow arbitrary code execution. An FTP command used to upgrade the firmware of the module can be misused to cause a denial of service, or in extreme cases, to load a malicious firmware.
CVE-2018-7762	1 Schneider-electric	114 140cpu31110, 140cpu31110 Firmware, 140cpu31110c and 111 more	2018-05-24	5.0 MEDIUM	7.5 HIGH
A vulnerability exists in the web services to process SOAP requests in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow result in a buffer overflow.
CVE-2018-7759	1 Schneider-electric	114 140cpu31110, 140cpu31110 Firmware, 140cpu31110c and 111 more	2018-05-24	5.0 MEDIUM	7.5 HIGH
A buffer overflow vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. The buffer overflow vulnerability is caused by the length of the source string specified (instead of the buffer size) as the number of bytes to be copied.