CVE-2021-22786

Severity CVSS v4.0:

Pending analysis

Type:

CWE-200 Information Leak / Disclosure

Publication date:

01/02/2023

Last modified:

08/02/2023

Description

A CWE-200: Information Exposure vulnerability exists that could cause the exposure of sensitive information stored on the memory of the controller when communicating over the Modbus TCP protocol. Affected Products: Modicon M340 CPU (part numbers BMXP34*) (Versions prior to V3.30), Modicon M580 CPU (part numbers BMEP* and BMEH*) (Versions prior to SV3.20), Modicon MC80 (BMKC80) (Versions prior to V1.6), Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58*S) (All Versions), Modicon Momentum MDI (171CBU*) (Versions prior to V2.3), Legacy Modicon Quantum (All Versions)

Impact

Vector 3.x

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS v3.1 Severity and Metrics:

Base Score: 7.50 HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope (S): Unchanged
Confidentiality (C): High
Integrity (I): None
Availability (A): None

Base Score 3.x

7.50

Severity 3.x

HIGH

Vulnerable products and versions

CPE	From	Up to
cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware::::::::		3.40 (excluding)
cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:::::::*
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware::::::::		3.40 (excluding)
cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:::::::*
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342010_firmware::::::::		3.40 (excluding)
cpe:2.3:h:schneider-electric:modicon_m340_bmxp342010:-:::::::*
cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware::::::::		3.40 (excluding)
cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:::::::*
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware::::::::		3.40 (excluding)
cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:::::::*
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020h_firmware::::::::		3.40 (excluding)
cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020h:-:::::::*
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030_firmware::::::::		3.40 (excluding)
cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030:-:::::::*
cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware::::::::		3.40 (excluding)

To consult the complete list of CPE names with products and versions, see this page

References to Advisories, Solutions, and Tools

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-221-04&p_enDocType=Security%20and%20Safety%20Notice&p_File_Name=SEVD-2022-221-04-Modicon_Controllers_Ethernet_Modules_Security_Notification.pdf

CPE	From	Up to
cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware::::::::		3.40 (excluding)
cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:::::::*
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware::::::::		3.40 (excluding)
cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:::::::*
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342010_firmware::::::::		3.40 (excluding)
cpe:2.3:h:schneider-electric:modicon_m340_bmxp342010:-:::::::*
cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware::::::::		3.40 (excluding)
cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:::::::*
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware::::::::		3.40 (excluding)
cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:::::::*
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020h_firmware::::::::		3.40 (excluding)
cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020h:-:::::::*
cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030_firmware::::::::		3.40 (excluding)
cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030:-:::::::*
cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware::::::::		3.40 (excluding)