CVE-2021-22786
published 2023-02-01CVE-2021-22786: A CWE-200: Information Exposure vulnerability exists that could cause the exposure of sensitive information stored on the memory of the controller when…
high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
A CWE-200: Information Exposure vulnerability exists that could cause the exposure of sensitive information stored on the memory of the controller when communicating over the Modbus TCP protocol. Affected Products: Modicon M340 CPU (part numbers BMXP34*) (Versions prior to V3.30), Modicon M580 CPU (part numbers BMEP* and BMEH*) (Versions prior to SV3.20), Modicon MC80 (BMKC80) (Versions prior to V1.6), Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58*S) (All Versions), Modicon Momentum MDI (171CBU*) (Versions prior to V2.3), Legacy Modicon Quantum (All Versions)
Affected
47 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| schneider-electric | modicon_m340_bmxp341000_firmware | < 3.40 | 3.40 |
| schneider-electric | modicon_m340_bmxp342000_firmware | < 3.40 | 3.40 |
| schneider-electric | modicon_m340_bmxp3420102_firmware | < 3.40 | 3.40 |
| schneider-electric | modicon_m340_bmxp342010_firmware | < 3.40 | 3.40 |
| schneider-electric | modicon_m340_bmxp342020_firmware | < 3.40 | 3.40 |
| schneider-electric | modicon_m340_bmxp342020h_firmware | < 3.40 | 3.40 |
| schneider-electric | modicon_m340_bmxp3420302_firmware | < 3.40 | 3.40 |
| schneider-electric | modicon_m340_bmxp3420302h_firmware | < 3.40 | 3.40 |
| schneider-electric | modicon_m340_bmxp342030_firmware | < 3.40 | 3.40 |
| schneider-electric | modicon_m340_bmxp342030h_firmware | < 3.40 | 3.40 |
| schneider-electric | modicon_m580_bmeh582040_firmware | <= 3.20 | — |
| schneider-electric | modicon_m580_bmeh582040c_firmware | <= 3.20 | — |
| schneider-electric | modicon_m580_bmeh582040s_firmware | <= 3.20 | — |
| schneider-electric | modicon_m580_bmeh584040_firmware | <= 3.20 | — |
| schneider-electric | modicon_m580_bmeh584040c_firmware | <= 3.20 | — |
| schneider-electric | modicon_m580_bmeh584040s_firmware | <= 3.20 | — |
| schneider-electric | modicon_m580_bmeh586040_firmware | <= 3.20 | — |
| schneider-electric | modicon_m580_bmeh586040c_firmware | <= 3.20 | — |
| schneider-electric | modicon_m580_bmeh586040s_firmware | <= 3.20 | — |
| schneider-electric | modicon_m580_bmep581020_firmware | <= 3.20 | — |
| schneider-electric | modicon_m580_bmep581020h_firmware | <= 3.20 | — |
| schneider-electric | modicon_m580_bmep582020_firmware | <= 3.20 | — |
| schneider-electric | modicon_m580_bmep582020h_firmware | <= 3.20 | — |
| schneider-electric | modicon_m580_bmep582040_firmware | <= 3.20 | — |
| schneider-electric | modicon_m580_bmep582040h_firmware | <= 3.20 | — |