Unknown
CVE-2021-22786
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
CVE-2021-22786
MITRE ATT&CK
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Topic Tags
Description
A CWE-200: Information Exposure vulnerability exists that could cause the exposure of sensitive information stored on the memory of the controller when communicating over the Modbus TCP protocol. Affected Products: Modicon M340 CPU (part numbers BMXP34) (Versions prior to V3.30), Modicon M580 CPU (part numbers BMEP and BMEH*) (Versions prior to SV3.20), Modicon MC80 (BMKC80) (Versions prior to V1.6), Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58S) (All Versions), Modicon Momentum MDI (171CBU) (Versions prior to V2.3), Legacy Modicon Quantum (All Versions)
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
General Information
Vendors
Products
- modicon m340 bmxp341000 firmware,
- modicon m340 bmxp342000 firmware,
- modicon m340 bmxp342010 firmware,
- modicon m340 bmxp3420102 firmware,
- modicon m340 bmxp342020 firmware,
- modicon m340 bmxp342020h firmware,
- modicon m340 bmxp342030 firmware,
- modicon m340 bmxp3420302 firmware,
- modicon m340 bmxp3420302h firmware,
- modicon m340 bmxp342030h firmware,
- modicon m580 bmeh582040 firmware,
- modicon m580 bmeh582040c firmware,
- modicon m580 bmeh582040s firmware,
- modicon m580 bmeh584040 firmware,
- modicon m580 bmeh584040c firmware,
- modicon m580 bmeh584040s firmware,
- modicon m580 bmeh586040 firmware,
- modicon m580 bmeh586040c firmware,
- modicon m580 bmeh586040s firmware,
- modicon m580 bmep581020 firmware,
- modicon m580 bmep581020h firmware,
- modicon m580 bmep582020 firmware,
- modicon m580 bmep582020h firmware,
- modicon m580 bmep582040 firmware,
- modicon m580 bmep582040h firmware,
- modicon m580 bmep582040s firmware,
- modicon m580 bmep583020 firmware,
- modicon m580 bmep583040 firmware,
- modicon m580 bmep584020 firmware,
- modicon m580 bmep584040 firmware,
- modicon m580 bmep584040s firmware,
- modicon m580 bmep585040 firmware,
- modicon m580 bmep585040c firmware,
- modicon m580 bmep586040 firmware,
- modicon m580 bmep586040c firmware,
- modicon mc80 bmkc8020301 firmware,
- modicon mc80 bmkc8020310 firmware,
- modicon mc80 bmkc8030311 firmware,
- modicon momentum 171cbu78090 firmware,
- modicon momentum 171cbu98090 firmware,
- modicon momentum 171cbu98091 firmware
References
Additional Info
Technical Analysis
Report as Emergent Threat Response
Report as Zero-day Exploit
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
