Schneider-Electric Modicon M218 Firmware vulnerabilities

CVE-2021-22800 [HIGH] CWE-20 CVE-2021-22800: A CWE-20: Improper Input Validation vulnerability exists that could cause a Denial of Service when a A CWE-20: Improper Input Validation vulnerability exists that could cause a Denial of Service when a crafted packet is sent to the controller over network port 1105/TCP. Affected Product: Modicon M218 Logic Controller (V5.1.0.6 and prior)

CVE-2020-7524 [HIGH] CWE-787 CVE-2020-7524: Out-of-bounds Write vulnerability exists in Modicon M218 Logic Controller (V5.0.0.7 and prior) which Out-of-bounds Write vulnerability exists in Modicon M218 Logic Controller (V5.0.0.7 and prior) which could cause Denial of Service when sending specific crafted IPV4 packet to the controller: Sending a specific IPv4 protocol package to Schneider Electric Modicon M218 Logic Controller can cause IPv4 devices to go down. The device does not work properly a

CVE-2020-7502 [HIGH] CWE-787 CVE-2020-7502: A CWE-787: Out-of-bounds Write vulnerability exists in Modicon M218 Logic Controller (Firmware versi A CWE-787: Out-of-bounds Write vulnerability exists in Modicon M218 Logic Controller (Firmware version 4.3 and prior), which may cause a Denial of Service when specific TCP/IP crafted packets are sent to the Modicon M218 Logic Controller.