Vulnerabilities (CVE)

Filtered by vendor Schneider-electric Subscribe

Filtered by product 140cpu65150 Firmware

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-7541	1 Schneider-electric	40 140cpu65150, 140cpu65150 Firmware, 140noc77101 and 37 more	2020-12-14	5.0 MEDIUM	5.3 MEDIUM
A CWE-425: Direct Request ('Forced Browsing') vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause disclosure of sensitive data when sending a specially crafted request to the controller over HTTP.
CVE-2020-7549	1 Schneider-electric	38 140cpu65150, 140cpu65150 Firmware, 140noc78000 and 35 more	2020-12-14	5.0 MEDIUM	5.3 MEDIUM
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause denial of HTTP and FTP services when a series of specially crafted requests is sent to the controller over HTTP.