Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

OPC UA Modicon Communication Module Security Vulnerabilities

cve
cve

CVE-2022-34762

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause unauthorized firmware image loading when unsigned images are added to the firmware image path. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H)...

7.5CVSS

7.4AI Score

0.001EPSS

2022-07-13 09:15 PM
40
2
cve
cve

CVE-2022-34763

A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists that could cause loading of unauthorized firmware images due to improper verification of the firmware signature. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V2.01 and later), OPC UA Modicon...

7.5CVSS

7.4AI Score

0.001EPSS

2022-07-13 09:15 PM
40
3
cve
cve

CVE-2022-34759

A CWE-787: Out-of-bounds Write vulnerability exists that could cause a denial of service of the webserver due to improper parsing of the HTTP Headers. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V1.0), OPC UA Modicon Communication Module (BMENUA0100) (V1.10 and...

7.5CVSS

7.3AI Score

0.001EPSS

2022-07-13 09:15 PM
32
5
cve
cve

CVE-2022-34760

A CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability exists that could cause a denial of service of the webserver due to improper handling of the cookies. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V1.0), OPC UA Modicon Communication Module...

7.5CVSS

7.3AI Score

0.001EPSS

2022-07-13 09:15 PM
34
5
cve
cve

CVE-2022-34764

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause denial of service when parsing the URL. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V1.0), OPC UA Modicon Communication Module (BMENUA0100) (V1.10...

7.5CVSS

7.4AI Score

0.001EPSS

2022-07-13 09:15 PM
41
4
cve
cve

CVE-2022-34761

A CWE-476: NULL Pointer Dereference vulnerability exists that could cause a denial of service of the webserver when parsing JSON content type. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V2.01 and later), OPC UA Modicon Communication Module (BMENUA0100) (V1.10 and...

7.5CVSS

7.4AI Score

0.001EPSS

2022-07-13 09:15 PM
44
4
cve
cve

CVE-2022-34765

A CWE-73: External Control of File Name or Path vulnerability exists that could cause loading of unauthorized firmware images when user-controlled data is written to the file path. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V2.01 and later), OPC UA Modicon...

5.3CVSS

5.3AI Score

0.001EPSS

2022-07-13 09:15 PM
37
3