CVE-2021-22786

A CWE-200: Information Exposure vulnerability exists that could cause the exposure of sensitive information stored on the memory of the controller when communicating over the Modbus TCP protocol. Affected Products: Modicon M340 CPU (part numbers BMXP34*) (Versions prior to V3.30), Modicon M580 CPU (part numbers BMEP* and BMEH*) (Versions prior to SV3.20), Modicon MC80 (BMKC80) (Versions prior to V1.6), Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58*S) (All Versions), Modicon Momentum MDI (171CBU*) (Versions prior to V2.3), Legacy Modicon Quantum (All Versions)
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
schneiderCNA
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 39%
VendorProductVersion
schneider-electricmodicon_m340_bmxp341000_firmware
𝑥
< 3.40
schneider-electricmodicon_m340_bmxp342000_firmware
𝑥
< 3.40
schneider-electricmodicon_m340_bmxp342010_firmware
𝑥
< 3.40
schneider-electricmodicon_m340_bmxp3420102_firmware
𝑥
< 3.40
schneider-electricmodicon_m340_bmxp342020_firmware
𝑥
< 3.40
schneider-electricmodicon_m340_bmxp342020h_firmware
𝑥
< 3.40
schneider-electricmodicon_m340_bmxp342030_firmware
𝑥
< 3.40
schneider-electricmodicon_m340_bmxp3420302_firmware
𝑥
< 3.40
schneider-electricmodicon_m340_bmxp3420302h_firmware
𝑥
< 3.40
schneider-electricmodicon_m340_bmxp342030h_firmware
𝑥
< 3.40
schneider-electricmodicon_m580_bmeh582040_firmware
𝑥
≤ 3.20
schneider-electricmodicon_m580_bmeh582040c_firmware
𝑥
≤ 3.20
schneider-electricmodicon_m580_bmeh582040s_firmware
𝑥
≤ 3.20
schneider-electricmodicon_m580_bmeh584040_firmware
𝑥
≤ 3.20
schneider-electricmodicon_m580_bmeh584040c_firmware
𝑥
≤ 3.20
schneider-electricmodicon_m580_bmeh584040s_firmware
𝑥
≤ 3.20
schneider-electricmodicon_m580_bmeh586040_firmware
𝑥
≤ 3.20
schneider-electricmodicon_m580_bmeh586040c_firmware
𝑥
≤ 3.20
schneider-electricmodicon_m580_bmeh586040s_firmware
𝑥
≤ 3.20
schneider-electricmodicon_m580_bmep581020_firmware
𝑥
≤ 3.20
schneider-electricmodicon_m580_bmep581020h_firmware
𝑥
≤ 3.20
schneider-electricmodicon_m580_bmep582020_firmware
𝑥
≤ 3.20
schneider-electricmodicon_m580_bmep582020h_firmware
𝑥
≤ 3.20
schneider-electricmodicon_m580_bmep582040_firmware
𝑥
≤ 3.20
schneider-electricmodicon_m580_bmep582040h_firmware
𝑥
≤ 3.20
schneider-electricmodicon_m580_bmep582040s_firmware
𝑥
≤ 3.20
schneider-electricmodicon_m580_bmep583020_firmware
𝑥
≤ 3.20
schneider-electricmodicon_m580_bmep583040_firmware
𝑥
≤ 3.20
schneider-electricmodicon_m580_bmep584020_firmware
𝑥
≤ 3.20
schneider-electricmodicon_m580_bmep584040_firmware
𝑥
≤ 3.20
schneider-electricmodicon_m580_bmep584040s_firmware
𝑥
≤ 3.20
schneider-electricmodicon_m580_bmep585040_firmware
𝑥
≤ 3.20
schneider-electricmodicon_m580_bmep585040c_firmware
𝑥
≤ 3.20
schneider-electricmodicon_m580_bmep586040_firmware
𝑥
≤ 3.20
schneider-electricmodicon_m580_bmep586040c_firmware
𝑥
≤ 3.20
schneider-electricmodicon_momentum_171cbu78090_firmware
𝑥
< 2.4
schneider-electricmodicon_momentum_171cbu98090_firmware
𝑥
< 2.4
schneider-electricmodicon_momentum_171cbu98091_firmware
𝑥
< 2.4
schneider-electricmodicon_mc80_bmkc8020301_firmware
𝑥
< 1.70
schneider-electricmodicon_mc80_bmkc8020310_firmware
𝑥
< 1.70
schneider-electricmodicon_mc80_bmkc8030311_firmware
𝑥
< 1.70
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-221-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-221-04-Modicon_Controllers_Ethernet_Modules_Security_Notification.pdf
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-221-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-221-04-Modicon_Controllers_Ethernet_Modules_Security_Notification.pdf