← volver
CVE-2024-8936

CVE-2024-8936

CVSS 8.3 HIGHEPSS 0.5%CWE-20
CWE-20: Improper Input Validation vulnerability exists that could lead to loss of confidentiality of controller memory after a successful Man-In-The-Middle attack followed by sending a crafted Modbus function call used to tamper with memory.
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
Productos afectados
Schneider Electric · Modicon M340 CPU (part numbers BMXP34*)

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://download.schneider-electric.com/doc/SEVD-2024-317-03/SEVD-2024-317-03.pdf