Schneider-electric Modicon M580 Bmep582020 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Schneider-electric Modicon M580 Bmep582020 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (12)
CVE-2022-37300 — CVSS 9.8 (critical): A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists that could cause unauthorized access in read and…
CVE-2021-22779 — CVSS 9.1 (critical): Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all…
CVE-2023-6408 — CVSS 8.1 (high): CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability exists that could cause a…
CVE-2022-45789 — CVSS 8.1 (high): A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause execution of unauthorized Modbus functions on the…
CVE-2018-7838 — CVSS 7.5 (high): A CWE-119 Buffer Errors vulnerability exists in Modicon M580 CPU - BMEP582040, all versions before V2.90, and Modicon Ethernet Module…
CVE-2022-37301 — CVSS 7.5 (high): A CWE-191: Integer Underflow (Wrap or Wraparound) vulnerability exists that could cause a denial of service of the controller due to memory…
CVE-2022-45788 — CVSS 7.5 (high): A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of…
CVE-2021-22786 — CVSS 7.5 (high): A CWE-200: Information Exposure vulnerability exists that could cause the exposure of sensitive information stored on the memory of the…
CVE-2020-7537 — CVSS 7.5 (high): A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers…
CVE-2020-7542 — CVSS 7.5 (high): A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers…
CVE-2020-7543 — CVSS 7.5 (high): A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers…
CVE-2019-6855 — CVSS 7.3 (high): Incorrect Authorization vulnerability exists in EcoStruxure Control Expert (all versions prior to 14.1 Hot Fix), Unity Pro (all versions)…