CVE-2024-12142

CVE-2024-12142

CVSS 8.8 HIGHEPSS 0.3%CWE-200

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause information disclosure of restricted web page, modification of web page and denial of service when specific web pages are modified and restricted functions are invoked.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N

Produtos afetados

Schneider Electric · BMXNOE0100 Schneider Electric · BMXNOE0110 Schneider Electric · BMXNOR0200H Schneider Electric · Modicon M340 processors (part numbers BMXP34*)

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-014-05&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2025-014-05.pdf