ГлавнаяУязвимости → CVE-2023-6408
8.1высокая

CVE-2023-6408

Описание

CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability exists that could cause a denial of service and loss of confidentiality, integrity of controllers when conducting a Man in the Middle attack.

Затрагиваемое ПО
Schneider-electric Modicon m340 bmxp341000 firmwareSchneider-electric Modicon m340 bmxp341000Schneider-electric Modicon m340 bmxp341000h firmwareSchneider-electric Modicon m340 bmxp341000hSchneider-electric Modicon m340 bmxp342000 firmwareSchneider-electric Modicon m340 bmxp342000Schneider-electric Modicon m340 bmxp342010 firmwareSchneider-electric Modicon m340 bmxp342010Schneider-electric Modicon m340 bmxp3420102 firmwareSchneider-electric Modicon m340 bmxp3420102Schneider-electric Modicon m340 bmxp3420102cl firmwareSchneider-electric Modicon m340 bmxp3420102clSchneider-electric Modicon m340 bmxp342020 firmwareSchneider-electric Modicon m340 bmxp342020Schneider-electric Modicon m340 bmxp342020h firmwareSchneider-electric Modicon m340 bmxp342020hSchneider-electric Modicon m340 bmxp342030 firmwareSchneider-electric Modicon m340 bmxp342030Schneider-electric Modicon m340 bmxp3420302 firmwareSchneider-electric Modicon m340 bmxp3420302Schneider-electric Modicon m340 bmxp3420302cl firmwareSchneider-electric Modicon m340 bmxp3420302clSchneider-electric Modicon m340 bmxp3420302h firmwareSchneider-electric Modicon m340 bmxp3420302hSchneider-electric Modicon m340 bmxp342030h firmware
CVSS
Балл8.1 — высокая
ВекторCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-044-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-044-01.pdfhttps://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-044-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-044-01.pdf