CVE-2024-5056
6.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Summary
CWE-552: Files or Directories Accessible to External Parties vulnerability exists which may prevent user to update the device firmware and prevent proper behavior of the webserver when specific files or directories are removed from the filesystem.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Schneider Electric | Modicon M340 | All versions | affected |
| Schneider Electric | Network module, Modicon M340, Modbus/TCP BMXNOE0100 | All versions | affected |
| Schneider Electric | Network module, Modicon M340, Ethernet TCP/IP BMXNOE0110 | All Versions | affected |
Weaknesses
- CWE-552: CWE-552 Files or Directories Accessible to External Parties
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: partial
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.