crafted FTP command is sent to the device.
Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Schneider Electric | Modicon M340 | unaffected |
|
||||||
| Schneider ELectric | BMXNOR0200H: Ethernet / Serial RTU Module | unaffected |
|
||||||
| Schneider Electric | BMXNGD0100: M580 Global Data module | unaffected |
|
||||||
| Schneider Electric | BMXNOC0401: Modicon M340 X80 Ethernet Communication modules | unaffected |
|
||||||
| Schneider Electric | BMXNOE0100: Modbus/TCP Ethernet Modicon M340 module | unaffected |
|
||||||
| Schneider Electric | BMXNOE0110: Modbus/TCP Ethernet Modicon M340 FactoryCast module | unaffected |
|
No data.
No data.
| Vendor | Product | Confidence | Versions |
|---|---|---|---|
| Schneider-electric | Bmxngd0100 | — | — |
| Schneider-electric | Bmxngd0100 Firmware | — | — |
| Schneider-electric | Bmxnoc0401 | — | — |
| Schneider-electric | Bmxnoc0401 Firmware | — | — |
| Schneider-electric | Bmxnoe0100 | — | — |
| Schneider-electric | Bmxnoe0100 Firmware | — | — |
| Schneider-electric | Bmxnoe0110 | — | — |
| Schneider-electric | Bmxnoe0110 Firmware | — | — |
| Schneider-electric | Bmxnor0200h | — | — |
| Schneider-electric | Bmxnor0200h Firmware | — | — |
| Schneider-electric | Modicon M340 | — | — |
| Schneider-electric | Modicon M340 Firmware | — | — |
Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2025-28756 | CWE-20: Improper Input Validation vulnerability exists that could cause a Denial Of Service when specific crafted FTP command is sent to the device. |
Mon, 18 Aug 2025 21:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Schneider-electric
Schneider-electric bmxngd0100 Schneider-electric bmxngd0100 Firmware Schneider-electric bmxnoc0401 Schneider-electric bmxnoc0401 Firmware Schneider-electric bmxnoe0100 Schneider-electric bmxnoe0100 Firmware Schneider-electric bmxnoe0110 Schneider-electric bmxnoe0110 Firmware Schneider-electric bmxnor0200h Schneider-electric bmxnor0200h Firmware Schneider-electric modicon M340 Schneider-electric modicon M340 Firmware |
|
| Vendors & Products |
Schneider-electric
Schneider-electric bmxngd0100 Schneider-electric bmxngd0100 Firmware Schneider-electric bmxnoc0401 Schneider-electric bmxnoc0401 Firmware Schneider-electric bmxnoe0100 Schneider-electric bmxnoe0100 Firmware Schneider-electric bmxnoe0110 Schneider-electric bmxnoe0110 Firmware Schneider-electric bmxnor0200h Schneider-electric bmxnor0200h Firmware Schneider-electric modicon M340 Schneider-electric modicon M340 Firmware |
Mon, 18 Aug 2025 13:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Mon, 18 Aug 2025 07:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | CWE-20: Improper Input Validation vulnerability exists that could cause a Denial Of Service when specific crafted FTP command is sent to the device. | |
| Weaknesses | CWE-20 | |
| References |
| |
| Metrics |
cvssV3_1
|
Subscriptions
MITRE
Status: PUBLISHED
Assigner: schneider
Published:
Updated: 2025-08-18T12:22:54.996Z
Reserved: 2025-06-25T10:08:00.547Z
Link: CVE-2025-6625
Vulnrichment
Updated: 2025-08-18T12:22:50.488Z
NVD
Status : Deferred
Published: 2025-08-18T07:15:29.763
Modified: 2026-04-15T00:35:42.020
Link: CVE-2025-6625
Redhat
No data.
OpenCVE Enrichment
Updated: 2025-08-18T21:20:47Z