2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2020-7536" ,
"sourceIdentifier" : "cybersecurity@se.com" ,
"published" : "2020-12-11T01:15:12.190" ,
2024-11-23 13:10:58 +00:00
"lastModified" : "2024-11-21T05:37:20.047" ,
"vulnStatus" : "Modified" ,
2024-12-08 03:06:42 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "A CWE-754:Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M340 CPUs (BMXP34* versions prior to V3.30) Modicon M340 Communication Ethernet modules (BMXNOE0100 (H) versions prior to V3.4 BMXNOE0110 (H) versions prior to V6.6 BMXNOR0200H all versions), that could cause the device to be unreachable when modifying network parameters over SNMP."
} ,
{
"lang" : "es" ,
"value" : "Una CWE-754: Se presenta una vulnerabilidad de Comprobaci\u00f3n Inapropiada de Condiciones Inusuales o Excepcionales en Modicon M340 CPUs (BMXP34* versiones anteriores a V3.30) M\u00f3dulos Modicon M340 Communication Ethernet (BMXNOE0100 (H) versiones anteriores a V3.4, BMXNOE0110 (H) versiones anteriores a V6.6, BMXNOR0200H todas las versiones), lo que podr\u00eda causar que el dispositivo no sea accesible cuando se modifican los par\u00e1metros de red a trav\u00e9s de SNMP"
}
] ,
"metrics" : {
"cvssMetricV31" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" ,
2024-11-23 13:10:58 +00:00
"baseScore" : 7.5 ,
"baseSeverity" : "HIGH" ,
2023-04-24 12:24:31 +02:00
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "NONE" ,
"integrityImpact" : "NONE" ,
2024-11-23 13:10:58 +00:00
"availabilityImpact" : "HIGH"
2023-04-24 12:24:31 +02:00
} ,
"exploitabilityScore" : 3.9 ,
"impactScore" : 3.6
}
] ,
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:N/A:C" ,
2024-11-23 13:10:58 +00:00
"baseScore" : 7.8 ,
2023-04-24 12:24:31 +02:00
"accessVector" : "NETWORK" ,
"accessComplexity" : "LOW" ,
"authentication" : "NONE" ,
"confidentialityImpact" : "NONE" ,
"integrityImpact" : "NONE" ,
2024-11-23 13:10:58 +00:00
"availabilityImpact" : "COMPLETE"
2023-04-24 12:24:31 +02:00
} ,
"baseSeverity" : "HIGH" ,
"exploitabilityScore" : 10.0 ,
"impactScore" : 6.9 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : false
}
]
} ,
"weaknesses" : [
{
"source" : "cybersecurity@se.com" ,
2024-12-15 03:03:56 +00:00
"type" : "Primary" ,
2023-04-24 12:24:31 +02:00
"description" : [
{
"lang" : "en" ,
"value" : "CWE-754"
}
]
}
] ,
"configurations" : [
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
2024-04-10 16:03:29 +00:00
"criteria" : "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:*:*:*:*:*:*:*:*" ,
2023-04-24 12:24:31 +02:00
"versionEndExcluding" : "3.30" ,
2024-04-10 16:03:29 +00:00
"matchCriteriaId" : "C440362A-7E0E-497C-B275-409E9B57D8A2"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
2024-04-10 16:03:29 +00:00
"criteria" : "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "178D2338-E48E-493C-992F-337AACE794DE"
2023-04-24 12:24:31 +02:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
2024-04-10 16:03:29 +00:00
"criteria" : "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:*:*:*:*:*:*:*:*" ,
2023-04-24 12:24:31 +02:00
"versionEndExcluding" : "3.30" ,
2024-04-10 16:03:29 +00:00
"matchCriteriaId" : "B6ACCC66-4075-4EE9-A6BA-01EF7529C568"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
2024-04-10 16:03:29 +00:00
"criteria" : "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "6D150239-27E2-4CBE-A931-5107C15E362F"
2023-04-24 12:24:31 +02:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
2024-04-10 16:03:29 +00:00
"criteria" : "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:*:*:*:*:*:*:*:*" ,
2023-04-24 12:24:31 +02:00
"versionEndExcluding" : "3.30" ,
2024-04-10 16:03:29 +00:00
"matchCriteriaId" : "FD031F4E-9F3C-4035-AFB8-B7442F1B2475"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
2024-04-10 16:03:29 +00:00
"criteria" : "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "98212CF5-BCF4-4A55-B62A-484569687B4E"
2023-04-24 12:24:31 +02:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
2024-04-10 16:03:29 +00:00
"criteria" : "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102cl_firmware:*:*:*:*:*:*:*:*" ,
2023-04-24 12:24:31 +02:00
"versionEndExcluding" : "3.30" ,
2024-04-10 16:03:29 +00:00
"matchCriteriaId" : "1C1D1498-1069-4080-8EB4-3BA6C0DC2CEA"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
2024-04-10 16:03:29 +00:00
"criteria" : "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102cl:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "D30336F0-EDCF-486C-B52E-D0C53BCDFC65"
2023-04-24 12:24:31 +02:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
2024-04-10 16:03:29 +00:00
"criteria" : "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:*:*:*:*:*:*:*:*" ,
2023-04-24 12:24:31 +02:00
"versionEndExcluding" : "3.30" ,
2024-04-10 16:03:29 +00:00
"matchCriteriaId" : "E5481772-5E18-4985-A5E5-F7223B52A90B"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
2024-04-10 16:03:29 +00:00
"criteria" : "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "99F2F851-C18F-4CB8-B47C-516F2AC7955D"
2023-04-24 12:24:31 +02:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
2024-04-10 16:03:29 +00:00
"criteria" : "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:*:*:*:*:*:*:*:*" ,
2023-04-24 12:24:31 +02:00
"versionEndExcluding" : "3.30" ,
2024-04-10 16:03:29 +00:00
"matchCriteriaId" : "1A83CF92-F35F-416F-B571-CA5600BF671F"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
2024-04-10 16:03:29 +00:00
"criteria" : "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "354968F7-C41B-4C21-8E47-81DC07DF0EA5"
2023-04-24 12:24:31 +02:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
2024-04-10 16:03:29 +00:00
"criteria" : "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302cl_firmware:*:*:*:*:*:*:*:*" ,
2023-04-24 12:24:31 +02:00
"versionEndExcluding" : "3.30" ,
2024-04-10 16:03:29 +00:00
"matchCriteriaId" : "8E506AD9-C302-4D41-B971-46DE19AF83FB"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
2024-04-10 16:03:29 +00:00
"criteria" : "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302cl:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "32091F91-9397-4506-8801-C68B9E8B60F0"
2023-04-24 12:24:31 +02:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:schneider-electric:bmxnoe0100_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.4" ,
"matchCriteriaId" : "4C045040-20CA-488D-A36D-A433754A33E8"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:schneider-electric:bmxnoe0100:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "80FC6FF2-D662-4A57-AAA6-BC04351DC779"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:schneider-electric:bmxnoe0110_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "6.6" ,
"matchCriteriaId" : "1A33A381-6772-4137-A677-5F73EA398FF6"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:schneider-electric:bmxnoe0110:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "98F3B055-8919-4E09-9827-288F0A03DAFF"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:schneider-electric:bmxnor0200h_firmware:*:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "AECF5778-C5F5-4789-BD3D-793B35DDDBDF"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:schneider-electric:bmxnor0200h:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "60D9A366-3394-4275-B884-AE6E7227156E"
}
]
}
]
}
] ,
"references" : [
{
"url" : "https://security.cse.iitk.ac.in/responsible-disclosure" ,
"source" : "cybersecurity@se.com" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "https://www.se.com/ww/en/download/document/SEVD-2020-343-07/" ,
"source" : "cybersecurity@se.com" ,
"tags" : [
"Vendor Advisory"
]
2024-11-23 13:10:58 +00:00
} ,
{
"url" : "https://security.cse.iitk.ac.in/responsible-disclosure" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "https://www.se.com/ww/en/download/document/SEVD-2020-343-07/" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
2023-04-24 12:24:31 +02:00
}
]
}
