CVE-2024-12142
8.8
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
Summary
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause information disclosure of restricted web page, modification of web page and denial of service when specific web pages are modified and restricted functions are invoked.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Schneider Electric | Modicon M340 processors (part numbers BMXP34*) | All versions | affected |
| Schneider Electric | BMXNOE0100 | All versions | affected |
| Schneider Electric | BMXNOE0110 | All Versions | affected |
| Schneider Electric | BMXNOR0200H | Versions prior to SV1.70IR26 | affected |
Weaknesses
- CWE-200: CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.