CVE-2022-34763
5.9
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H
Summary
A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists that could cause loading of unauthorized firmware images due to improper verification of the firmware signature. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V2.01 and later), OPC UA Modicon Communication Module (BMENUA0100) (V1.10 and prior)
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Schneider Electric | OPC UA Modicon Communication Module | BMENUA0100 < V1.10 | affected |
| Schneider Electric | X80 advanced RTU Communication Module | V2.01 < BMENOR2200H* | affected |
Weaknesses
- CWE-345: CWE-345 Insufficient Verification of Data Authenticity
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.