漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
A CWE-125: Out-of-bounds Read vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions).
CVSS Information
N/A
Vulnerability Type
跨界内存读
Vulnerability Title
Schneider Electric Modicon M580 CPU 缓冲区错误漏洞
Vulnerability Description
Schneider Electric Modicon M580 CPU是法国施耐德电气(Schneider Electric)公司的一款M580以太网可编程自动化控制器的处理器模块。 Schneider Electric Modicon M580 CPU 存在安全漏洞,该漏洞源于Modicon M580 CPU(部件号 BMEP* 和 BMEH*)中存在一个越界读取。攻击者可利用该漏洞导致 Modicon PLC 控制器/模拟器拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A