Vulnerability Description
The Schneider Electric M340 PLC modules allow remote attackers to cause a denial of service (resource consumption) via unspecified vectors. NOTE: the vendor reportedly disputes this issue because it "could not be duplicated" and "an attacker could not remotely exploit this observed behavior to deny PLC control functions.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Schneider-Electric | Modicon M340 Bmx Noc 0401 Firmware | - |
| Schneider-Electric | Modicon M340 Bmx Noc 0401 | - |
| Schneider-Electric | Modicon M340 Bmx Noe 0100 Firmware | - |
| Schneider-Electric | Modicon M340 Bmx Noe 0100 | - |
| Schneider-Electric | Modicon M340 Bmx Noe 0100H Firmware | - |
| Schneider-Electric | Modicon M340 Bmx Noe 0100H | - |
| Schneider-Electric | Modicon M340 Bmx Noe 0110 Firmware | - |
| Schneider-Electric | Modicon M340 Bmx Noe 0110 | - |
| Schneider-Electric | Modicon M340 Bmx Noe 0110H Firmware | - |
| Schneider-Electric | Modicon M340 Bmx Noe 0110H | - |
| Schneider-Electric | Modicon M340 Bmx Nor 0200H Firmware | - |
| Schneider-Electric | Modicon M340 Bmx Nor 0200H | - |
| Schneider-Electric | Modicon M340 Bmx P34-2010 Firmware | - |
| Schneider-Electric | Modicon M340 Bmx P34-2010 | - |
| Schneider-Electric | Modicon M340 Bmx P34-2030 Firmware | - |
| Schneider-Electric | Modicon M340 Bmx P34-2030 | - |
| Schneider-Electric | Modicon M340 Bmxp341000 Firmware | - |
| Schneider-Electric | Modicon M340 Bmxp341000 | - |
| Schneider-Electric | Modicon M340 Bmxp342010 Firmware | - |
| Schneider-Electric | Modicon M340 Bmxp342010 | - |
Related Weaknesses (CWE)
References
- http://ics-cert.us-cert.gov/pdf/ICSA-13-077-01A.pdfBroken LinkThird Party AdvisoryUS Government Resource
- http://ics-cert.us-cert.gov/pdf/ICSA-13-077-01A.pdfBroken LinkThird Party AdvisoryUS Government Resource
FAQ
What is CVE-2013-2763?
CVE-2013-2763 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The Schneider Electric M340 PLC modules allow remote attackers to cause a denial of service (resource consumption) via unspecified vectors. NOTE: the vendor reportedly disputes this issue because it ...
How severe is CVE-2013-2763?
CVE-2013-2763 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-2763?
Check the references section above for vendor advisories and patch information. Affected products include: Schneider-Electric Modicon M340 Bmx Noc 0401 Firmware, Schneider-Electric Modicon M340 Bmx Noc 0401, Schneider-Electric Modicon M340 Bmx Noe 0100 Firmware, Schneider-Electric Modicon M340 Bmx Noe 0100, Schneider-Electric Modicon M340 Bmx Noe 0100H Firmware.