CVE-2020-7536
HIGHModicon M340 and BMXNOE/BMXNOR Firmware - Denial of Service via SNMP Network Parameter Modification
Title source: llmDescription
A CWE-754:Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M340 CPUs (BMXP34* versions prior to V3.30) Modicon M340 Communication Ethernet modules (BMXNOE0100 (H) versions prior to V3.4 BMXNOE0110 (H) versions prior to V6.6 BMXNOR0200H all versions), that could cause the device to be unreachable when modifying network parameters over SNMP.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_misc
https://security.cse.iitk.ac.in/responsible-disclosure
Vendor Advisory x_refsource_confirm
https://www.se.com/ww/en/download/document/SEVD-2020-343-07/
Scores
CVSS v3
7.5
EPSS
0.0048
EPSS Percentile
65.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-754
Status
published
Products (10)
schneider-electric/bmxnoe0100_firmware
< 3.4
schneider-electric/bmxnoe0110_firmware
< 6.6
schneider-electric/bmxnor0200h_firmware
schneider-electric/modicon_m340_bmxp341000_firmware
< 3.30
schneider-electric/modicon_m340_bmxp342000_firmware
< 3.30
schneider-electric/modicon_m340_bmxp3420102_firmware
< 3.30
schneider-electric/modicon_m340_bmxp3420102cl_firmware
< 3.30
schneider-electric/modicon_m340_bmxp342020_firmware
< 3.30
schneider-electric/modicon_m340_bmxp3420302_firmware
< 3.30
schneider-electric/modicon_m340_bmxp3420302cl_firmware
< 3.30
Published
Dec 11, 2020
Tracked Since
Feb 18, 2026