7.5 - CVE-2021-22792

Executive Summary

Informations
Name	CVE-2021-22792	First vendor Publication	2021-09-02
Vendor	Cve	Last vendor Modification	2024-11-21

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Overall CVSS Score	7.5
Base Score	7.5	Environmental Score	7.5
impact SubScore	3.6	Temporal Score	7.5
Exploitabality Sub Score	3.9

Attack Vector	Network	Attack Complexity	Low
Privileges Required	None	User Interaction	None
Scope	Unchanged	Confidentiality Impact	None
Integrity Impact	None	Availability Impact	High
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score	5	Attack Range	Network
Cvss Impact Score	2.9	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A CWE-476: NULL Pointer Dereference vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions).

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22792

CPE : Common Platform Enumeration

Type	Description	Count
Hardware	Schneider-Electric Modicon M340 Bmxp341000 cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:::::::*	1
Hardware	Schneider-Electric Modicon M340 Bmxp342010 cpe:2.3:h:schneider-electric:modicon_m340_bmxp342010:-:::::::*	1
Hardware	Schneider-Electric Modicon M340 Bmxp342020 cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:::::::*	1
Hardware	Schneider-Electric Modicon M340 Bmxp342030 cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030:-:::::::*	1
Hardware	Schneider-Electric Modicon M580 Bmeh582040 cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040:-:::::::*	1
Hardware	Schneider-Electric Modicon M580 Bmeh582040C cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040c:-:::::::*	1
Hardware	Schneider-Electric Modicon M580 Bmeh582040S cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040s:-:::::::*	1
Hardware	Schneider-Electric Modicon M580 Bmeh584040 cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040:-:::::::*	1
Hardware	Schneider-Electric Modicon M580 Bmeh584040C cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040c:-:::::::*	1
Hardware	Schneider-Electric Modicon M580 Bmeh584040S cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040s:-:::::::*	1
Hardware	Schneider-Electric Modicon M580 Bmeh586040 cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040:-:::::::*	1
Hardware	Schneider-Electric Modicon M580 Bmeh586040C cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040c:-:::::::*	1
Hardware	Schneider-Electric Modicon M580 Bmeh586040S cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040s:-:::::::*	1
Hardware	Schneider-Electric Modicon M580 Bmep581020 cpe:2.3:h:schneider-electric:modicon_m580_bmep581020:-:::::::*	1
Hardware	Schneider-Electric Modicon M580 Bmep581020H cpe:2.3:h:schneider-electric:modicon_m580_bmep581020h:-:::::::*	1
Hardware	Schneider-Electric Modicon M580 Bmep582020 cpe:2.3:h:schneider-electric:modicon_m580_bmep582020:-:::::::*	1
Hardware	Schneider-Electric Modicon M580 Bmep582020H cpe:2.3:h:schneider-electric:modicon_m580_bmep582020h:-:::::::*	1
Hardware	Schneider-Electric Modicon M580 Bmep582040 cpe:2.3:h:schneider-electric:modicon_m580_bmep582040:-:::::::*	1
Hardware	Schneider-Electric Modicon M580 Bmep582040H cpe:2.3:h:schneider-electric:modicon_m580_bmep582040h:-:::::::*	1
Hardware	Schneider-Electric Modicon M580 Bmep582040S cpe:2.3:h:schneider-electric:modicon_m580_bmep582040s:-:::::::*	1
Hardware	Schneider-Electric Modicon M580 Bmep583020 cpe:2.3:h:schneider-electric:modicon_m580_bmep583020:-:::::::*	1
Hardware	Schneider-Electric Modicon M580 Bmep583040 cpe:2.3:h:schneider-electric:modicon_m580_bmep583040:-:::::::*	1
Hardware	Schneider-Electric Modicon M580 Bmep584020 cpe:2.3:h:schneider-electric:modicon_m580_bmep584020:-:::::::*	1
Hardware	Schneider-Electric Modicon M580 Bmep584040 cpe:2.3:h:schneider-electric:modicon_m580_bmep584040:-:::::::*	1
Hardware	Schneider-Electric Modicon M580 Bmep584040S cpe:2.3:h:schneider-electric:modicon_m580_bmep584040s:-:::::::*	1
Hardware	Schneider-Electric Modicon M580 Bmep585040 cpe:2.3:h:schneider-electric:modicon_m580_bmep585040:-:::::::*	1
Hardware	Schneider-Electric Modicon M580 Bmep585040C cpe:2.3:h:schneider-electric:modicon_m580_bmep585040c:-:::::::*	1
Hardware	Schneider-Electric Modicon M580 Bmep586040 cpe:2.3:h:schneider-electric:modicon_m580_bmep586040:-:::::::*	1
Hardware	Schneider-Electric Modicon M580 Bmep586040C cpe:2.3:h:schneider-electric:modicon_m580_bmep586040c:-:::::::*	1
Hardware	Schneider-Electric Modicon Mc80 Bmkc8020301 cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8020301:-:::::::*	1
Hardware	Schneider-Electric Modicon Mc80 Bmkc8020310 cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8020310:-:::::::*	1
Hardware	Schneider-Electric Modicon Mc80 Bmkc8030311 cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8030311:-:::::::*	1
Hardware	Schneider-Electric Modicon Momentum 171Cbu78090 cpe:2.3:h:schneider-electric:modicon_momentum_171cbu78090:-:::::::*	1
Hardware	Schneider-Electric Modicon Momentum 171Cbu98090 cpe:2.3:h:schneider-electric:modicon_momentum_171cbu98090:-:::::::*	1
Hardware	Schneider-Electric Modicon Momentum 171Cbu98091 cpe:2.3:h:schneider-electric:modicon_momentum_171cbu98091:-:::::::*	1
Hardware	Schneider-Electric Modicon Premium Tsxp57 1634M cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_1634m:-:::::::*	1
Hardware	Schneider-Electric Modicon Premium Tsxp57 2634M cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_2634m:-:::::::*	1
Hardware	Schneider-Electric Modicon Premium Tsxp57 2834M cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_2834m:-:::::::*	1
Hardware	Schneider-Electric Modicon Premium Tsxp57 454M cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_454m:-:::::::*	1
Hardware	Schneider-Electric Modicon Premium Tsxp57 4634M cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_4634m:-:::::::*	1
Hardware	Schneider-Electric Modicon Premium Tsxp57 554M cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_554m:-:::::::*	1
Hardware	Schneider-Electric Modicon Premium Tsxp57 5634M cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_5634m:-:::::::*	1
Hardware	Schneider-Electric Modicon Premium Tsxp57 6634M cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_6634m:-:::::::*	1
Hardware	Schneider-Electric Modicon Quantum 140Cpu65150 cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65150:-:::::::*	1
Hardware	Schneider-Electric Modicon Quantum 140Cpu65150C cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65150c:-:::::::*	1
Hardware	Schneider-Electric Modicon Quantum 140Cpu65160 cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65160:-:::::::*	1
Hardware	Schneider-Electric Modicon Quantum 140Cpu65160C cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65160c:-:::::::*	1
Hardware	Schneider-Electric Plc Simulator For Ecostruxure Control Expert cpe:2.3:h:schneider-electric:plc_simulator_for_ecostruxure_control_expert:-:::::::*	1
Hardware	Schneider-Electric Plc Simulator For Ecostruxure Process Expert cpe:2.3:h:schneider-electric:plc_simulator_for_ecostruxure_process_expert:-:::::::*	1

Sources (Detail)

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-07

Source	Url

Alert History

If you want to see full details history, please login or register.

Date	Informations
2024-11-28 13:52:45	Multiple Updates
2021-09-14 00:22:52	Multiple Updates
2021-09-02 21:23:21	First insertion

Type	Count
CPE ID(s)	49
Sources(s)	2

7.5 - CVE-2021-22792

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CPE : Common Platform Enumeration

Sources (Detail)

Alert History

Global Informations

Open Standards

COMPANY

STANDARDS

RECENT POSTS

MENU