{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-37301", "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "assignerShortName": "schneider", "dateUpdated": "2025-04-28T14:32:19.547Z", "dateReserved": "2022-08-01T00:00:00.000Z", "datePublished": "2022-11-22T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "shortName": "schneider", "dateUpdated": "2022-11-22T00:00:00.000Z"}, "descriptions": [{"lang": "en", "value": "A CWE-191: Integer Underflow (Wrap or Wraparound) vulnerability exists that could cause a denial of service of the controller due to memory access violations when using the Modbus TCP protocol. Affected products: Modicon M340 CPU (part numbers BMXP34*)(V3.40 and prior), Modicon M580 CPU (part numbers BMEP* and BMEH*)(V3.22 and prior), Legacy Modicon Quantum/Premium(All Versions), Modicon Momentum MDI (171CBU*)(All Versions), Modicon MC80 (BMKC80)(V1.7 and prior)"}], "affected": [{"vendor": "Schneider Electric", "product": "Modicon M340 CPU (part numbers BMXP34*)", "versions": [{"version": "V", "status": "affected", "lessThanOrEqual": "3.40", "versionType": "custom"}]}, {"vendor": "Schneider Electric", "product": "Modicon M580 CPU (part numbers BMEP* and BMEH*) ", "versions": [{"version": "V", "status": "affected", "lessThanOrEqual": "3.22", "versionType": "custom"}]}, {"vendor": "Schneider Electric", "product": "Legacy Modicon Quantum/Premium", "versions": [{"version": "All Versions", "status": "affected"}]}, {"vendor": "Schneider Electric", "product": "Modicon Momentum MDI (171CBU*)", "versions": [{"version": "All Versions", "status": "affected"}]}, {"vendor": "Schneider Electric", "product": "Modicon MC80 (BMKC80)", "versions": [{"version": "V", "status": "affected", "lessThanOrEqual": "1.7", "versionType": "custom"}]}], "references": [{"url": "https://www.se.com/us/en/download/document/SEVD-2022-221-02/"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-191 Integer Underflow (Wrap or Wraparound)", "cweId": "CWE-191"}]}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "source": {"discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T10:29:20.468Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.se.com/us/en/download/document/SEVD-2022-221-02/", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-04-28T14:32:06.292092Z", "id": "CVE-2022-37301", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-28T14:32:19.547Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.se.com/us/en/download/document/SEVD-2022-221-02/", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T10:29:20.468Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-37301", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-04-28T14:32:06.292092Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-28T14:32:12.487Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "Schneider Electric", "product": "Modicon M340 CPU (part numbers BMXP34*)", "versions": [{"status": "affected", "version": "V", "versionType": "custom", "lessThanOrEqual": "3.40"}]}, {"vendor": "Schneider Electric", "product": "Modicon M580 CPU (part numbers BMEP* and BMEH*) ", "versions": [{"status": "affected", "version": "V", "versionType": "custom", "lessThanOrEqual": "3.22"}]}, {"vendor": "Schneider Electric", "product": "Legacy Modicon Quantum/Premium", "versions": [{"status": "affected", "version": "All Versions"}]}, {"vendor": "Schneider Electric", "product": "Modicon Momentum MDI (171CBU*)", "versions": [{"status": "affected", "version": "All Versions"}]}, {"vendor": "Schneider Electric", "product": "Modicon MC80 (BMKC80)", "versions": [{"status": "affected", "version": "V", "versionType": "custom", "lessThanOrEqual": "1.7"}]}], "references": [{"url": "https://www.se.com/us/en/download/document/SEVD-2022-221-02/"}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "descriptions": [{"lang": "en", "value": "A CWE-191: Integer Underflow (Wrap or Wraparound) vulnerability exists that could cause a denial of service of the controller due to memory access violations when using the Modbus TCP protocol. Affected products: Modicon M340 CPU (part numbers BMXP34*)(V3.40 and prior), Modicon M580 CPU (part numbers BMEP* and BMEH*)(V3.22 and prior), Legacy Modicon Quantum/Premium(All Versions), Modicon Momentum MDI (171CBU*)(All Versions), Modicon MC80 (BMKC80)(V1.7 and prior)"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-191", "description": "CWE-191 Integer Underflow (Wrap or Wraparound)"}]}], "providerMetadata": {"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "shortName": "schneider", "dateUpdated": "2022-11-22T00:00:00.000Z"}}}, "cveMetadata": {"cveId": "CVE-2022-37301", "state": "PUBLISHED", "dateUpdated": "2025-04-28T14:32:19.547Z", "dateReserved": "2022-08-01T00:00:00.000Z", "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "datePublished": "2022-11-22T00:00:00.000Z", "assignerShortName": "schneider"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmx_p34-2010_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CF6EFD0B-1D69-40D0-B7B9-C46FD8E9DF40", "versionEndExcluding": "3.50", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmx_p34-2010:-:*:*:*:*:*:*:*", "matchCriteriaId": "A76270E2-D48F-4149-9A97-76F3C5749723", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmx_p34-2030_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0140B9B8-8D02-4758-A5A9-2B14B3CBB3DF", "versionEndExcluding": "3.50", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmx_p34-2030:-:*:*:*:*:*:*:*", "matchCriteriaId": "7FA6EC11-5E37-4534-908F-D3424AE01C79", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A4DB31C8-0E2D-4EAC-B8AD-260D7B4E53D9", "versionEndExcluding": "4.01", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040:-:*:*:*:*:*:*:*", "matchCriteriaId": "F484F8BB-60B5-4045-92C3-0C2A0CD4107E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A275FCA0-55B9-4CA6-96E4-A57CEF0F8316", "versionEndExcluding": "4.01", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040c:-:*:*:*:*:*:*:*", "matchCriteriaId": "F4F0F823-89EA-451D-81DC-07AACA039371", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9098867D-6A2B-42C4-9C35-16AC5030DA70", "versionEndExcluding": "4.01", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040s:-:*:*:*:*:*:*:*", "matchCriteriaId": "610AE743-9FD1-4149-AD45-3B1DAE268BF9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "AED19071-C1B3-4633-80D7-62E4209B573A", "versionEndExcluding": "4.01", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040:-:*:*:*:*:*:*:*", "matchCriteriaId": "77116949-1141-432D-964B-29A759939E8F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FFF5BD50-38B3-4CF8-9550-8C1895F23D81", "versionEndExcluding": "4.01", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040c:-:*:*:*:*:*:*:*", "matchCriteriaId": "B6CE23A2-09CC-4417-A45F-63BCA66C4DD8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F959D278-C7A8-4E8C-ADB8-3254B380E409", "versionEndExcluding": "4.01", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040s:-:*:*:*:*:*:*:*", "matchCriteriaId": "97AAD857-95C0-4AE3-8510-CB306E8293F4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8DF67EAC-9D48-42F7-A9F4-BAEAAB746881", "versionEndExcluding": "4.01", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040:-:*:*:*:*:*:*:*", "matchCriteriaId": "07E2FB94-F402-4CF0-BE35-574C1C6528BA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6A8D2EF1-81D5-4801-AFBF-1CB9122DFEC6", "versionEndExcluding": "4.01", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040c:-:*:*:*:*:*:*:*", "matchCriteriaId": "2E776EE9-A662-4068-A61A-62CAE23C87F7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "97EDAD5F-561F-4F3C-9718-3B8B8A5404F5", "versionEndExcluding": "4.01", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040s:-:*:*:*:*:*:*:*", "matchCriteriaId": "D53BD038-D594-41FF-B3EF-3365C5432AD0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep581020_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1FFA2751-CA21-48C3-9DD0-DF2870EB1375", "versionEndExcluding": "4.01", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020:-:*:*:*:*:*:*:*", "matchCriteriaId": "2317F260-7AA2-4178-B468-03DF36223E26", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep581020h_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FD59535C-EBC2-4775-9147-41045F091638", "versionEndExcluding": "4.01", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020h:-:*:*:*:*:*:*:*", "matchCriteriaId": "3D7DDC42-37A1-43B0-AD46-2E0D098564BA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582020_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "94EE3F37-836D-4872-8DBE-77E5C1E9FB6B", "versionEndExcluding": "4.01", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020:-:*:*:*:*:*:*:*", "matchCriteriaId": "765E4FEE-255E-4C47-824A-5661B84B490B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582020h_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A045D3A4-237E-469F-9037-585471F8C44F", "versionEndExcluding": "4.01", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020h:-:*:*:*:*:*:*:*", "matchCriteriaId": "B1FEA377-3C45-4F88-B233-088A24BD0771", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "BB09E64C-072A-4610-88BC-D566862659D5", "versionEndExcluding": "4.01", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040:-:*:*:*:*:*:*:*", "matchCriteriaId": "EBCCDD6D-35CE-4680-8B0C-86584B1D8958", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040h_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2FBD04E1-55EE-4887-A098-0F1DD35B068E", "versionEndExcluding": "4.01", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040h:-:*:*:*:*:*:*:*", "matchCriteriaId": "68FD5968-C522-4231-A98C-93D3101B6148", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "62FE2B68-6D92-45C2-9E75-C779E831ADB8", "versionEndExcluding": "4.01", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040s:-:*:*:*:*:*:*:*", "matchCriteriaId": "C02B27F6-B8CF-4D3B-9DA6-054F540EA6B6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep583020_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F95EA094-64BE-431E-8F6E-5430627C4006", "versionEndExcluding": "4.01", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583020:-:*:*:*:*:*:*:*", "matchCriteriaId": "BBC38FF1-693E-4899-883C-1B7B80A52F2C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep583040_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "123B1BB8-86B8-4CE3-9B61-DFADA5BC9C3D", "versionEndExcluding": "4.01", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583040:-:*:*:*:*:*:*:*", "matchCriteriaId": "002E7F33-6729-4C35-9DDA-7D8383BD5668", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584020_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "24DC160B-78A9-4CD6-9AC2-5806E93AAE80", "versionEndExcluding": "4.01", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584020:-:*:*:*:*:*:*:*", "matchCriteriaId": "47DFEBAC-2F1D-4870-8425-2199BF80B425", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584040_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "690ADE34-3955-4167-8AF7-B64B9B95E9BC", "versionEndExcluding": "4.01", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040:-:*:*:*:*:*:*:*", "matchCriteriaId": "FC4A1DF2-FF4C-4DBE-BF74-6A4A09E3DECE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584040s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "38E5A8DC-94EA-4436-A252-9E803248EB8C", "versionEndExcluding": "4.01", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040s:-:*:*:*:*:*:*:*", "matchCriteriaId": "6222C1F8-BE52-4666-B7F5-2E8BBC214F70", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep585040_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D50A27C4-73B8-4883-893D-A81F8300D1BD", "versionEndExcluding": "4.01", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040:-:*:*:*:*:*:*:*", "matchCriteriaId": "5376D9F4-8AFB-4909-A11B-33C54C4220DB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep585040c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "485C5EE3-4455-4D49-B03E-A7B21CCF9D44", "versionEndExcluding": "4.01", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040c:-:*:*:*:*:*:*:*", "matchCriteriaId": "CADB178B-FEFD-48A9-B155-0E8F6D490229", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep586040_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9E7E0E8A-2189-48A7-9B6B-3FC7CDDC0F74", "versionEndExcluding": "4.01", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040:-:*:*:*:*:*:*:*", "matchCriteriaId": "6B3C1879-269B-47EB-891B-EF2E90C911D7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep586040c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D53FD731-D404-43DF-8990-8F17F2E13F94", "versionEndExcluding": "4.01", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040c:-:*:*:*:*:*:*:*", "matchCriteriaId": "5771A1A5-3DAF-4869-A24F-F9B0A38B5DA5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_mc80_bmkc8020301_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B29E8197-8592-404D-A133-A3B5AC423F34", "versionEndExcluding": "1.8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8020301:-:*:*:*:*:*:*:*", "matchCriteriaId": "62B3CEFA-BCF8-4305-B81A-980AA1352515", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_mc80_bmkc8020310_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8D821580-8AFC-40F1-B1E5-6C9EF2C17728", "versionEndExcluding": "1.8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8020310:-:*:*:*:*:*:*:*", "matchCriteriaId": "2C1A9EE4-9564-45F6-8CF8-1A820E469B41", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_mc80_bmkc8030311_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "833A8209-9A7B-4CC7-9BBA-125ABC05AC48", "versionEndExcluding": "1.8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8030311:-:*:*:*:*:*:*:*", "matchCriteriaId": "026D5E27-E50D-4614-A3EB-C54150C85572", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_momentum_171cbu78090_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4B26E867-5C0E-413E-B733-6865347C2140", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu78090:-:*:*:*:*:*:*:*", "matchCriteriaId": "0B765DF6-1D0A-4191-9AD7-250A7EB691BF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_momentum_171cbu98090_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "1FA5F1B5-FEC3-458B-B411-AC19E90E2973", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu98090:-:*:*:*:*:*:*:*", "matchCriteriaId": "67152082-E085-4111-98BA-6E9EF14ADB91", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_momentum_171cbu98091_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "49247DB1-4B53-480B-B7BB-A0E37613E3D2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu98091:-:*:*:*:*:*:*:*", "matchCriteriaId": "BD68FC34-691B-406E-A59D-2596215AE314", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_premium_tsxp57_1634m_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C5D930A5-787A-48FD-BFA2-4D1BC70C9224", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_1634m:-:*:*:*:*:*:*:*", "matchCriteriaId": "FB98E7F1-DD61-47F5-A6BB-18D75FDFAB70", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_premium_tsxp57_2634m_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "80937C5F-5962-46D3-8BA2-1650CAC6DC0C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_2634m:-:*:*:*:*:*:*:*", "matchCriteriaId": "39E46898-7206-45C1-9A93-729B5905EF38", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_premium_tsxp57_2834m_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "695475B9-A4A4-4218-8D21-71797A0F1F10", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_2834m:-:*:*:*:*:*:*:*", "matchCriteriaId": "C97A89AF-103A-4D2A-9EAF-42CEC88A2BCA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_premium_tsxp57_454m_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B787E978-0842-4385-9ADD-6CA947A6F697", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_454m:-:*:*:*:*:*:*:*", "matchCriteriaId": "32B611B6-1138-40DF-848A-A4A10E1DB0F2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_premium_tsxp57_4634m_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "1788D10E-11FB-4EF1-9B57-89A2EF3A4576", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_4634m:-:*:*:*:*:*:*:*", "matchCriteriaId": "EF901CCB-1BC4-4EDA-A3D7-ED7523128EAA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_premium_tsxp57_554m_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C613326A-E313-4B3F-ADF7-128B3A904422", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_554m:-:*:*:*:*:*:*:*", "matchCriteriaId": "4479C318-EE74-4338-B172-EC13D4D62246", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_premium_tsxp57_5634m_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8AC92C16-6212-4D20-B478-98D538C2FCCF", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_5634m:-:*:*:*:*:*:*:*", "matchCriteriaId": "98A25B72-B3A9-4717-8AA9-B164226DF9D9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_premium_tsxp57_6634m_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "72F0A61F-37A4-43C9-BC78-296C9AF08341", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_6634m:-:*:*:*:*:*:*:*", "matchCriteriaId": "889E9E8B-688E-420E-9A99-AB64BA7ABCDC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140cpu65150_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "AF686D3D-B614-41D1-A023-3DA76B296601", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65150:-:*:*:*:*:*:*:*", "matchCriteriaId": "7E3446A5-69F7-4270-93E2-CD5614970698", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140cpu65150c_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "520D0A9C-ACC9-4FDD-93F5-DD807BA3C4DA", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65150c:-:*:*:*:*:*:*:*", "matchCriteriaId": "08FE0C5D-3132-48AD-92EB-B7C4277C1FAA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140cpu65160_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C1BF8361-6FA9-46A1-93B3-3CC269935F50", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65160:-:*:*:*:*:*:*:*", "matchCriteriaId": "CD3F1B7C-7972-463E-930E-F359A402DAF5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140cpu65160c_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "A8B77E0F-CC13-42B6-AF46-556FB02BA4CD", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65160c:-:*:*:*:*:*:*:*", "matchCriteriaId": "DC9D2D4D-558B-424E-AB04-429C83F06DB7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140noc78100_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "100EF6DF-31D9-4942-8C1D-093A98A50B12", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140noc78100:-:*:*:*:*:*:*:*", "matchCriteriaId": "41D30C1F-F8C6-4B4A-8F62-C4F5B22E485C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140noe77101_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "F92A60EA-6BBF-4AEE-9996-3570E3DCD60D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140noe77101:-:*:*:*:*:*:*:*", "matchCriteriaId": "820638DC-323D-4187-8468-2495C1505860", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140noe77111_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "26DB16A6-2F84-487C-B061-6EFF81A3673C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140noe77111:-:*:*:*:*:*:*:*", "matchCriteriaId": "4C5587FE-4270-490C-BFE7-6DFC2B7AFE79", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A CWE-191: Integer Underflow (Wrap or Wraparound) vulnerability exists that could cause a denial of service of the controller due to memory access violations when using the Modbus TCP protocol. Affected products: Modicon M340 CPU (part numbers BMXP34*)(V3.40 and prior), Modicon M580 CPU (part numbers BMEP* and BMEH*)(V3.22 and prior), Legacy Modicon Quantum/Premium(All Versions), Modicon Momentum MDI (171CBU*)(All Versions), Modicon MC80 (BMKC80)(V1.7 and prior)"}, {"lang": "es", "value": "Existe una vulnerabilidad CWE-191: Integer Underflow (Wrap o Wraparound) que podr\u00eda causar una Denegaci\u00f3n de Servicio (DoS) del controlador debido a violaciones de acceso a la memoria cuando se utiliza el protocolo Modbus TCP. Productos afectados: CPU Modicon M340 (n\u00fameros de pieza BMXP34*)(V3.40 y anteriores), CPU Modicon M580 (n\u00fameros de pieza BMEP* y BMEH*)(V3.22 y anteriores), Modicon Quantum/Premium heredado (todas las versiones), Modicon Momentum MDI (171CBU*)(todas las versiones), Modicon MC80 (BMKC80)(V1.7 y anteriores)"}], "id": "CVE-2022-37301", "lastModified": "2024-11-21T07:14:42.730", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "cybersecurity@se.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-11-22T12:15:09.927", "references": [{"source": "cybersecurity@se.com", "tags": ["Vendor Advisory"], "url": "https://www.se.com/us/en/download/document/SEVD-2022-221-02/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.se.com/us/en/download/document/SEVD-2022-221-02/"}], "sourceIdentifier": "cybersecurity@se.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-191"}], "source": "cybersecurity@se.com", "type": "Secondary"}]}

{}

{}