Schneider-electric 140cpu65150 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Schneider-electric 140cpu65150 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (20)
CVE-2018-7242 — CVSS 9.8 (critical): Vulnerable hash algorithms exists in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all…
CVE-2018-7241 — CVSS 9.8 (critical): Hard coded accounts exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all…
CVE-2020-7540 — CVSS 9.8 (critical): A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon…
CVE-2018-7761 — CVSS 9.8 (critical): A vulnerability exists in the HTTP request parser in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200…
CVE-2018-7240 — CVSS 8.8 (high): A vulnerability exists in Schneider Electric's Modicon Quantum in all versions of the communication modules which could allow arbitrary…
CVE-2020-7477 — CVSS 7.5 (high): A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Quantum Ethernet Network module 140NOE771x1…
CVE-2020-7535 — CVSS 7.5 (high): A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal' Vulnerability Type) vulnerability exists in the Web…
CVE-2020-7539 — CVSS 7.5 (high): A CWE-754 Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers…
CVE-2020-7542 — CVSS 7.5 (high): A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers…
CVE-2021-22788 — CVSS 7.5 (high): A CWE-787: Out-of-bounds Write vulnerability exists that could cause denial of service when an attacker sends a specially crafted HTTP…
CVE-2018-7759 — CVSS 7.5 (high): A buffer overflow vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. The buffer…
CVE-2018-7762 — CVSS 7.5 (high): A vulnerability exists in the web services to process SOAP requests in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum…
CVE-2018-7794 — CVSS 7.5 (high): A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum…
CVE-2019-6856 — CVSS 7.5 (high): A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum…
CVE-2019-6857 — CVSS 7.5 (high): A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum…
CVE-2021-22785 — CVSS 7.5 (high): A CWE-200: Information Exposure vulnerability exists that could cause sensitive information of files located in the web root directory to…
CVE-2021-22787 — CVSS 7.5 (high): A CWE-20: Improper Input Validation vulnerability exists that could cause denial of service of the device when an attacker sends a…
CVE-2020-7549 — CVSS 5.3 (medium): A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers…
CVE-2020-7541 — CVSS 5.3 (medium): A CWE-425: Direct Request ('Forced Browsing') vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and…