CVE-2021-22800

A CWE-20: Improper Input Validation vulnerability exists that could cause a Denial of Service when a crafted packet is sent to the controller over network port 1105/TCP. Affected Product: Modicon M218 Logic Controller (V5.1.0.6 and prior)
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
schneiderCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 55%
VendorProductVersion
schneider-electricmodicon_m218_firmware
𝑥
≤ 5.1.0.6
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-285-04
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-285-04