CVE-2022-34765
5.5
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
Summary
A CWE-73: External Control of File Name or Path vulnerability exists that could cause loading of unauthorized firmware images when user-controlled data is written to the file path. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V2.01 and later), OPC UA Modicon Communication Module (BMENUA0100) (V1.10 and prior)
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Schneider Electric | OPC UA Modicon Communication Module | BMENUA0100 < V1.10 | affected |
| Schneider Electric | X80 advanced RTU Communication Module | V2.01 < BMENOR2200H* | affected |
Weaknesses
- CWE-73: CWE-73 External Control of File Name or Path
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.