Schneider-electric Bmxnor0200h Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Schneider-electric Bmxnor0200h Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (14)
CVE-2018-7242 — CVSS 9.8 (critical): Vulnerable hash algorithms exists in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all…
CVE-2018-7241 — CVSS 9.8 (critical): Hard coded accounts exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all…
CVE-2018-7761 — CVSS 9.8 (critical): A vulnerability exists in the HTTP request parser in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200…
CVE-2019-6810 — CVSS 8.8 (high): CWE-284: Improper Access Control vulnerability exists in BMXNOR0200H Ethernet / Serial RTU module (all firmware versions), which could…
CVE-2020-7534 — CVSS 8.8 (high): A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists on the web server used, that could cause a leak of sensitive data or…
CVE-2019-6831 — CVSS 8.6 (high): A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in BMXNOR0200H Ethernet / Serial RTU module (all…
CVE-2020-7536 — CVSS 7.5 (high): A CWE-754:Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M340 CPUs (BMXP34* versions prior to V3.30)…
CVE-2017-6017 — CVSS 7.5 (high): A Resource Exhaustion issue was discovered in Schneider Electric Modicon M340 PLC BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H…
CVE-2018-7759 — CVSS 7.5 (high): A buffer overflow vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. The buffer…
CVE-2018-7762 — CVSS 7.5 (high): A vulnerability exists in the web services to process SOAP requests in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum…
CVE-2019-6813 — CVSS 7.5 (high): A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in BMXNOR0200H Ethernet / Serial RTU module (all…
CVE-2015-6462 — CVSS 5.4 (medium): Reflected Cross-Site Scripting (nonpersistent) allows an attacker to craft a specific URL, which contains Java script that will be executed…
CVE-2015-6461 — CVSS 5.4 (medium): Remote file inclusion allows an attacker to craft a specific URL referencing the Schneider Electric Modicon BMXNOC0401, BMXNOE0100…