CVE-2021-22791 — MEDIUM (6.5)

Vulnerability Description

A CWE-787: Out-of-bounds Write vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions).

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Schneider-Electric	Modicon M340 Bmxp341000	-
Schneider-Electric	Modicon M340 Bmxp342010	-
Schneider-Electric	Modicon M340 Bmxp342020	-
Schneider-Electric	Modicon M340 Bmxp342030	-
Schneider-Electric	Modicon M580 Bmeh582040	-
Schneider-Electric	Modicon M580 Bmeh582040C	-
Schneider-Electric	Modicon M580 Bmeh582040S	-
Schneider-Electric	Modicon M580 Bmeh584040	-
Schneider-Electric	Modicon M580 Bmeh584040C	-
Schneider-Electric	Modicon M580 Bmeh584040S	-
Schneider-Electric	Modicon M580 Bmeh586040	-
Schneider-Electric	Modicon M580 Bmeh586040C	-
Schneider-Electric	Modicon M580 Bmeh586040S	-
Schneider-Electric	Modicon M580 Bmep581020	-
Schneider-Electric	Modicon M580 Bmep581020H	-
Schneider-Electric	Modicon M580 Bmep582020	-
Schneider-Electric	Modicon M580 Bmep582020H	-
Schneider-Electric	Modicon M580 Bmep582040	-
Schneider-Electric	Modicon M580 Bmep582040H	-
Schneider-Electric	Modicon M580 Bmep582040S	-

Related Weaknesses (CWE)

CWE-787

References

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-06Not Applicable
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04PatchVendor Advisory
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-06Not Applicable

FAQ

What is CVE-2021-22791?

CVE-2021-22791 is a vulnerability with a CVSS score of 6.5 (MEDIUM). A CWE-787: Out-of-bounds Write vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project fi...

How severe is CVE-2021-22791?

CVE-2021-22791 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-22791?

Check the references section above for vendor advisories and patch information. Affected products include: Schneider-Electric Modicon M340 Bmxp341000, Schneider-Electric Modicon M340 Bmxp342010, Schneider-Electric Modicon M340 Bmxp342020, Schneider-Electric Modicon M340 Bmxp342030, Schneider-Electric Modicon M580 Bmeh582040.