CVE-2023-25619 HIGH

CVE-2023-25619

Vendor Schneider Electric
Product Modicon M340 CPU (part numbers BMXP34*)
Weakness CWE-754
Published April 19, 2023
Last update February 5, 2025

CVSS base score

7.5/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause denial of service of the controller when communicating over the Modbus TCP protocol.

Key dates

02Disclosure timeline

April 19, 2023 CVE published
February 5, 2025 Record updated