Modicon M340, Modbus/TCP Ethernet Modicon M340 module, and Modbus/TCP Ethernet Modicon M340 FactoryCast module
Monitor6.5SEVD-2024-163-01Jun 11, 2024
Attack VectorNetwork
Auth RequiredNone
ComplexityLow
User InteractionNone needed
Summary
A vulnerability exists in Schneider Electric Modicon M340 and its network modules (BMXNOE0100 and BMXNOE0110) that allows an unauthenticated attacker with network access to bypass file access restrictions. This could prevent users from updating device firmware and impair web server functionality. Modicon M340 operations themselves are not directly impacted, but the inability to perform firmware updates and manage the device remotely creates operational risk.
What this means
What could happen
An attacker with network access to the Modicon M340 or its Ethernet modules could modify files or disrupt web server functionality, potentially preventing legitimate firmware updates or device management operations.
Who's at risk
Energy utilities using Schneider Electric Modicon M340 programmable automation controllers, particularly those with BMXNOE0100 or BMXNOE0110 Ethernet network modules. This affects any facility relying on these controllers for process automation, monitoring, or control functions.
How it could be exploited
An attacker on the network sends a specially crafted request to the web server interface of the Modicon M340, BMXNOE0100, or BMXNOE0110 module. The vulnerability allows the attacker to bypass file access restrictions and write or modify files on the device, including those needed for firmware updates or web server operation.
Prerequisites
- Network access to the web server port (typically 80/443)
- No authentication required to exploit the vulnerability
- Device must be reachable on the network
remotely exploitableno authentication requiredlow complexityaffects device management capabilities
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (3)
2 with fix1 EOL
ProductAffected VersionsFix Status
Modbus/TCP Ethernet Modicon M340 module<SV3.60SV3.60
Modbus/TCP Ethernet Modicon M340 FactoryCast module<SV6.80SV6.80
Modicon M340 All versionsAll versionsNo fix (EOL)
Remediation & Mitigation
0/3
Schedule — requires maintenance window
0/2Patching may require device reboot — plan for process interruption
Modbus/TCP Ethernet Modicon M340 module
HOTFIXUpdate BMXNOE0100 (Modbus/TCP Ethernet Modicon M340 module) to firmware version SV3.60 or later during a scheduled maintenance window
Modbus/TCP Ethernet Modicon M340 FactoryCast module
HOTFIXUpdate BMXNOE0110 (Modbus/TCP Ethernet Modicon M340 FactoryCast module) to firmware version SV6.80 or later during a scheduled maintenance window
Mitigations - no patch available
0/1Modicon M340 All versions has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
HARDENINGFor Modicon M340 controller itself (no patch available): restrict network access to the device using firewall rules or network segmentation to limit exposure to untrusted networks
CVEs (1)
↑↓ Navigate · Esc Close
API:
/api/v1/advisories/210f6937-3264-4c4b-8475-832eeb133a29