CVE-2022-34763

Summary

A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists that could cause loading of unauthorized firmware images due to improper verification of the firmware signature. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V2.01 and later), OPC UA Modicon Communication Module (BMENUA0100) (V1.10 and prior)

Affected Software

VendorProductVersion RangeStatus
Schneider ElectricOPC UA Modicon Communication ModuleBMENUA0100 < V1.10affected
Schneider ElectricX80 advanced RTU Communication ModuleV2.01 < BMENOR2200H*affected

Weaknesses

  • CWE-345: CWE-345 Insufficient Verification of Data Authenticity

ADP Enrichment

CVE Program Container

Additional References

References