{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2021-22786", "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "assignerShortName": "schneider", "dateUpdated": "2025-02-05T20:06:44.280Z", "dateReserved": "2021-01-06T00:00:00.000Z", "datePublished": "2023-02-01T00:00:00.000Z"}, "containers": {"cna": {"datePublic": "2022-08-09T00:00:00.000Z", "providerMetadata": {"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "shortName": "schneider", "dateUpdated": "2023-02-01T00:00:00.000Z"}, "descriptions": [{"lang": "en", "value": "A CWE-200: Information Exposure vulnerability exists that could cause the exposure of sensitive information stored on the memory of the controller when communicating over the Modbus TCP protocol. Affected Products: Modicon M340 CPU (part numbers BMXP34*) (Versions prior to V3.30), Modicon M580 CPU (part numbers BMEP* and BMEH*) (Versions prior to SV3.20), Modicon MC80 (BMKC80) (Versions prior to V1.6), Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58*S) (All Versions), Modicon Momentum MDI (171CBU*) (Versions prior to V2.3), Legacy Modicon Quantum (All Versions)"}], "affected": [{"vendor": "Schneider Electric", "product": "Modicon M340 CPU (part numbers BMXP34*)", "versions": [{"version": "All", "status": "affected", "lessThan": "V3.30", "versionType": "custom"}]}, {"vendor": "Schneider Electric", "product": "Modicon M580 CPU (part numbers BMEP* and BMEH*)", "versions": [{"version": "All", "status": "affected", "lessThan": "V3.20", "versionType": "custom"}]}, {"vendor": "Schneider Electric", "product": "Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58*S)", "versions": [{"version": "All Versions", "status": "affected"}]}, {"vendor": "Schneider Electric", "product": "Modicon MC80 (BMKC80)", "versions": [{"version": "All", "status": "affected", "lessThan": "V1.6", "versionType": "custom"}]}, {"vendor": "Schneider Electric", "product": "Modicon Momentum CPU (171CBU*)", "versions": [{"version": "All", "status": "affected", "lessThan": "V2.3", "versionType": "custom"}]}, {"vendor": "Schneider Electric", "product": "Legacy Modicon Quantum", "versions": [{"version": "All Versions", "status": "affected"}]}], "references": [{"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-221-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-221-04-Modicon_Controllers_Ethernet_Modules_Security_Notification.pdf"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-200 Information Exposure", "cweId": "CWE-200"}]}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "source": {"discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T18:51:07.574Z"}, "title": "CVE Program Container", "references": [{"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-221-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-221-04-Modicon_Controllers_Ethernet_Modules_Security_Notification.pdf", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-02-05T19:54:57.011597Z", "id": "CVE-2021-22786", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-05T20:06:44.280Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-221-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-221-04-Modicon_Controllers_Ethernet_Modules_Security_Notification.pdf", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T18:51:07.574Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-22786", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-02-05T19:54:57.011597Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-05T19:54:58.415Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "Schneider Electric", "product": "Modicon M340 CPU (part numbers BMXP34*)", "versions": [{"status": "affected", "version": "All", "lessThan": "V3.30", "versionType": "custom"}]}, {"vendor": "Schneider Electric", "product": "Modicon M580 CPU (part numbers BMEP* and BMEH*)", "versions": [{"status": "affected", "version": "All", "lessThan": "V3.20", "versionType": "custom"}]}, {"vendor": "Schneider Electric", "product": "Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58*S)", "versions": [{"status": "affected", "version": "All Versions"}]}, {"vendor": "Schneider Electric", "product": "Modicon MC80 (BMKC80)", "versions": [{"status": "affected", "version": "All", "lessThan": "V1.6", "versionType": "custom"}]}, {"vendor": "Schneider Electric", "product": "Modicon Momentum CPU (171CBU*)", "versions": [{"status": "affected", "version": "All", "lessThan": "V2.3", "versionType": "custom"}]}, {"vendor": "Schneider Electric", "product": "Legacy Modicon Quantum", "versions": [{"status": "affected", "version": "All Versions"}]}], "datePublic": "2022-08-09T00:00:00.000Z", "references": [{"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-221-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-221-04-Modicon_Controllers_Ethernet_Modules_Security_Notification.pdf"}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "descriptions": [{"lang": "en", "value": "A CWE-200: Information Exposure vulnerability exists that could cause the exposure of sensitive information stored on the memory of the controller when communicating over the Modbus TCP protocol. Affected Products: Modicon M340 CPU (part numbers BMXP34*) (Versions prior to V3.30), Modicon M580 CPU (part numbers BMEP* and BMEH*) (Versions prior to SV3.20), Modicon MC80 (BMKC80) (Versions prior to V1.6), Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58*S) (All Versions), Modicon Momentum MDI (171CBU*) (Versions prior to V2.3), Legacy Modicon Quantum (All Versions)"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-200", "description": "CWE-200 Information Exposure"}]}], "providerMetadata": {"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "shortName": "schneider", "dateUpdated": "2023-02-01T00:00:00.000Z"}}}, "cveMetadata": {"cveId": "CVE-2021-22786", "state": "PUBLISHED", "dateUpdated": "2025-02-05T20:06:44.280Z", "dateReserved": "2021-01-06T00:00:00.000Z", "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "datePublished": "2023-02-01T00:00:00.000Z", "assignerShortName": "schneider"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D891E712-7FA2-4CB2-B2EE-EAC1BB172993", "versionEndExcluding": "3.40", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*", "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "741AED85-8328-4050-8780-487F0B4F6EBB", "versionEndExcluding": "3.40", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:*:*:*:*:*:*:*", "matchCriteriaId": "6D150239-27E2-4CBE-A931-5107C15E362F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342010_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0A85EE6A-6D75-4A5E-8778-69D909ADA0F8", "versionEndExcluding": "3.40", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342010:-:*:*:*:*:*:*:*", "matchCriteriaId": "833B2455-5D39-4457-9D6F-0CD738A2EB02", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "77202E5E-F1E5-424D-A7CB-1AADC61AF2A6", "versionEndExcluding": "3.40", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:*:*:*:*:*:*:*", "matchCriteriaId": "98212CF5-BCF4-4A55-B62A-484569687B4E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "866BFE7D-D688-40B1-B6E9-B140529001C3", "versionEndExcluding": "3.40", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*", "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020h_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "37F7B762-250F-4E44-ADE4-DA133CA13194", "versionEndExcluding": "3.40", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020h:-:*:*:*:*:*:*:*", "matchCriteriaId": "56BAED8B-EEFA-45D7-A5A3-9B62067CE24C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "91B5097C-C807-4876-A398-284180B2A5A9", "versionEndExcluding": "3.40", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030:-:*:*:*:*:*:*:*", "matchCriteriaId": "E472ABB0-5556-4B96-9CEF-2180E24FA7FD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "383AB87D-0244-46E6-A509-1C6A85357C37", "versionEndExcluding": "3.40", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*", "matchCriteriaId": "354968F7-C41B-4C21-8E47-81DC07DF0EA5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302h_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "03AF16B9-E1A6-42C1-9268-87F6C4F0C822", "versionEndExcluding": "3.40", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302h:-:*:*:*:*:*:*:*", "matchCriteriaId": "075A16D1-F4DF-4DCB-8DF9-152E282CE01F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030h_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7963099F-9045-48F3-AF78-818EAC56DF6A", "versionEndExcluding": "3.40", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030h:-:*:*:*:*:*:*:*", "matchCriteriaId": "EF9608E7-C9B5-4945-9609-690231DB1B5A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "75365643-792C-4629-9F55-0E72FE2CA421", "versionEndIncluding": "3.20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040:-:*:*:*:*:*:*:*", "matchCriteriaId": "F484F8BB-60B5-4045-92C3-0C2A0CD4107E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE16B26B-2833-410A-AD2E-FEB22A3314A5", "versionEndIncluding": "3.20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040c:-:*:*:*:*:*:*:*", "matchCriteriaId": "F4F0F823-89EA-451D-81DC-07AACA039371", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "90196FCE-1FA7-4042-981B-DE15D94AEAE4", "versionEndIncluding": "3.20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040s:-:*:*:*:*:*:*:*", "matchCriteriaId": "610AE743-9FD1-4149-AD45-3B1DAE268BF9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "125AEA33-E18A-49FE-BF88-7E8F5EAD9C64", "versionEndIncluding": "3.20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040:-:*:*:*:*:*:*:*", "matchCriteriaId": "77116949-1141-432D-964B-29A759939E8F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "BB71FB34-5ADA-4C0E-B543-46771FB68A06", "versionEndIncluding": "3.20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040c:-:*:*:*:*:*:*:*", "matchCriteriaId": "B6CE23A2-09CC-4417-A45F-63BCA66C4DD8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "49F91CCB-F349-4D40-80F9-71D06C0C1FAA", "versionEndIncluding": "3.20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040s:-:*:*:*:*:*:*:*", "matchCriteriaId": "97AAD857-95C0-4AE3-8510-CB306E8293F4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "10B4F452-B9AD-406D-B1CC-6178D03C78B8", "versionEndIncluding": "3.20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040:-:*:*:*:*:*:*:*", "matchCriteriaId": "07E2FB94-F402-4CF0-BE35-574C1C6528BA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5448F5CF-8FB8-4757-9FD5-276159B7DAE9", "versionEndIncluding": "3.20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040c:-:*:*:*:*:*:*:*", "matchCriteriaId": "2E776EE9-A662-4068-A61A-62CAE23C87F7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F9DF405A-9B2B-4607-97CF-DE0F2BB27354", "versionEndIncluding": "3.20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040s:-:*:*:*:*:*:*:*", "matchCriteriaId": "D53BD038-D594-41FF-B3EF-3365C5432AD0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep581020_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "30433BF7-67D6-47F5-93FC-FDD227AF0FAE", "versionEndIncluding": "3.20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020:-:*:*:*:*:*:*:*", "matchCriteriaId": "2317F260-7AA2-4178-B468-03DF36223E26", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep581020h_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "773672C2-2CAF-4228-A1BE-440B2A082C9C", "versionEndIncluding": "3.20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020h:-:*:*:*:*:*:*:*", "matchCriteriaId": "3D7DDC42-37A1-43B0-AD46-2E0D098564BA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582020_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F283DBAB-23CB-4D03-8780-11721A7A1A4B", "versionEndIncluding": "3.20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020:-:*:*:*:*:*:*:*", "matchCriteriaId": "765E4FEE-255E-4C47-824A-5661B84B490B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582020h_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A9516F92-B6CE-49E6-B300-EE722AAD7571", "versionEndIncluding": "3.20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020h:-:*:*:*:*:*:*:*", "matchCriteriaId": "B1FEA377-3C45-4F88-B233-088A24BD0771", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C98F5559-FA1C-4048-B7DC-7D305EEF27F1", "versionEndIncluding": "3.20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040:-:*:*:*:*:*:*:*", "matchCriteriaId": "EBCCDD6D-35CE-4680-8B0C-86584B1D8958", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040h_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "36C82ED8-9F11-4189-8ACD-3AF589F7B5E5", "versionEndIncluding": "3.20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040h:-:*:*:*:*:*:*:*", "matchCriteriaId": "68FD5968-C522-4231-A98C-93D3101B6148", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C51971DE-3C54-4166-A885-93CD7422BFCF", "versionEndIncluding": "3.20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040s:-:*:*:*:*:*:*:*", "matchCriteriaId": "C02B27F6-B8CF-4D3B-9DA6-054F540EA6B6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep583020_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2DDDFF4B-AAF4-4E94-B003-E5ACA16B80B4", "versionEndIncluding": "3.20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583020:-:*:*:*:*:*:*:*", "matchCriteriaId": "BBC38FF1-693E-4899-883C-1B7B80A52F2C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep583040_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F72A74E1-F374-423E-8CDD-448836A1EC73", "versionEndIncluding": "3.20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583040:-:*:*:*:*:*:*:*", "matchCriteriaId": "002E7F33-6729-4C35-9DDA-7D8383BD5668", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584020_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5D3A9B66-AFD1-40CE-A95B-C2E8AB39ED36", "versionEndIncluding": "3.20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584020:-:*:*:*:*:*:*:*", "matchCriteriaId": "47DFEBAC-2F1D-4870-8425-2199BF80B425", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584040_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "511F5135-3F09-443D-802F-1FE5D30C373C", "versionEndIncluding": "3.20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040:-:*:*:*:*:*:*:*", "matchCriteriaId": "FC4A1DF2-FF4C-4DBE-BF74-6A4A09E3DECE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584040s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A780135C-34F9-451E-80FB-451467BA1D1B", "versionEndIncluding": "3.20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040s:-:*:*:*:*:*:*:*", "matchCriteriaId": "6222C1F8-BE52-4666-B7F5-2E8BBC214F70", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep585040_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C1A3344A-9259-41B0-BB39-91A171E10823", "versionEndIncluding": "3.20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040:-:*:*:*:*:*:*:*", "matchCriteriaId": "5376D9F4-8AFB-4909-A11B-33C54C4220DB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep585040c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CB8948EA-A4F5-4C61-AF26-D7E74BB137FE", "versionEndIncluding": "3.20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040c:-:*:*:*:*:*:*:*", "matchCriteriaId": "CADB178B-FEFD-48A9-B155-0E8F6D490229", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep586040_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "EFECD92C-1415-4780-9440-E899060EB88D", "versionEndIncluding": "3.20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040:-:*:*:*:*:*:*:*", "matchCriteriaId": "6B3C1879-269B-47EB-891B-EF2E90C911D7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep586040c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8C7FAF22-80AC-4933-8210-87200B769A4A", "versionEndIncluding": "3.20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040c:-:*:*:*:*:*:*:*", "matchCriteriaId": "5771A1A5-3DAF-4869-A24F-F9B0A38B5DA5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_momentum_171cbu78090_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5F6496D4-3FC1-4324-90C6-EB049E51E5FF", "versionEndExcluding": "2.4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu78090:-:*:*:*:*:*:*:*", "matchCriteriaId": "0B765DF6-1D0A-4191-9AD7-250A7EB691BF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_momentum_171cbu98090_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3C043867-197B-42C5-9023-9BA43EF90D20", "versionEndExcluding": "2.4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu98090:-:*:*:*:*:*:*:*", "matchCriteriaId": "67152082-E085-4111-98BA-6E9EF14ADB91", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_momentum_171cbu98091_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "ECCA96AA-E485-4B70-81EF-E4DB5ADC8B70", "versionEndExcluding": "2.4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu98091:-:*:*:*:*:*:*:*", "matchCriteriaId": "BD68FC34-691B-406E-A59D-2596215AE314", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_mc80_bmkc8020301_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A4C34115-3B58-458D-9835-0DE028593A50", "versionEndExcluding": "1.70", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8020301:-:*:*:*:*:*:*:*", "matchCriteriaId": "62B3CEFA-BCF8-4305-B81A-980AA1352515", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_mc80_bmkc8020310_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1B749D0E-FBEB-477E-B1FF-F09B34F41A94", "versionEndExcluding": "1.70", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8020310:-:*:*:*:*:*:*:*", "matchCriteriaId": "2C1A9EE4-9564-45F6-8CF8-1A820E469B41", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_mc80_bmkc8030311_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "EA1B1CD2-17D4-456F-ADB9-F22190097AB0", "versionEndExcluding": "1.70", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8030311:-:*:*:*:*:*:*:*", "matchCriteriaId": "026D5E27-E50D-4614-A3EB-C54150C85572", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A CWE-200: Information Exposure vulnerability exists that could cause the exposure of sensitive information stored on the memory of the controller when communicating over the Modbus TCP protocol. Affected Products: Modicon M340 CPU (part numbers BMXP34*) (Versions prior to V3.30), Modicon M580 CPU (part numbers BMEP* and BMEH*) (Versions prior to SV3.20), Modicon MC80 (BMKC80) (Versions prior to V1.6), Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58*S) (All Versions), Modicon Momentum MDI (171CBU*) (Versions prior to V2.3), Legacy Modicon Quantum (All Versions)"}], "id": "CVE-2021-22786", "lastModified": "2024-11-21T05:50:39.900", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "cybersecurity@se.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-02-01T04:15:08.603", "references": [{"source": "cybersecurity@se.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-221-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-221-04-Modicon_Controllers_Ethernet_Modules_Security_Notification.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-221-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-221-04-Modicon_Controllers_Ethernet_Modules_Security_Notification.pdf"}], "sourceIdentifier": "cybersecurity@se.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "cybersecurity@se.com", "type": "Secondary"}]}

{}

{}