Schneider Electric Alert
1820Warning Date
Severity Level
Warning Number
Target Sector
18 January, 2022
● High
2022-4234
All
Schneider Electric has released a security alert to address several vulnerabilities in the following products:
- Modicon M340 CPUs: BMXP34
- Modicon Quantum CPUs with integrated Ethernet (Copro): 140CPU65
- Modicon M340 ethernet modules:
- BMXNOC0401
- BMXNOE01
- BMXNOR0200H
- Modicon Quantum and Premium factory cast communication modules:
- 140NOE77111
- 140NOC78
- TSXETY5103
- TSXETY4103
Attacker could exploit these vulnerabilities by doing the following:
- Denial of service attack (DoS)
- Cross-site request forgery (CSRF)
The CERT team encourages users to review Schneider Electric security advisory and apply the necessary mitigations and updates when available: