CVE-2021-22786

HIGH

Modicon M340 BMXP34* < 3.30 - Information Exposure via Modbus TCP

Title source: llm

Description

A CWE-200: Information Exposure vulnerability exists that could cause the exposure of sensitive information stored on the memory of the controller when communicating over the Modbus TCP protocol. Affected Products: Modicon M340 CPU (part numbers BMXP34*) (Versions prior to V3.30), Modicon M580 CPU (part numbers BMEP* and BMEH*) (Versions prior to SV3.20), Modicon MC80 (BMKC80) (Versions prior to V1.6), Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58*S) (All Versions), Modicon Momentum MDI (171CBU*) (Versions prior to V2.3), Legacy Modicon Quantum (All Versions)

References (1)

Core 1

Core References

Patch, Vendor Advisory

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-221-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-221-04-Modicon_Controllers_Ethernet_Modules_Security_Notification.pdf

Scores

CVSS v3 7.5

EPSS 0.0032

EPSS Percentile 55.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-200

Status published

Products (41)

schneider-electric/modicon_m340_bmxp341000_firmware < 3.40

schneider-electric/modicon_m340_bmxp342000_firmware < 3.40

schneider-electric/modicon_m340_bmxp3420102_firmware < 3.40

schneider-electric/modicon_m340_bmxp342010_firmware < 3.40

schneider-electric/modicon_m340_bmxp342020_firmware < 3.40

schneider-electric/modicon_m340_bmxp342020h_firmware < 3.40

schneider-electric/modicon_m340_bmxp3420302_firmware < 3.40

schneider-electric/modicon_m340_bmxp3420302h_firmware < 3.40

schneider-electric/modicon_m340_bmxp342030_firmware < 3.40

schneider-electric/modicon_m340_bmxp342030h_firmware < 3.40

... and 31 more

Published Feb 01, 2023

Tracked Since Feb 18, 2026