Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-5056

CWE-552: Files or Directories Accessible to External Parties vulnerability exists which may prevent user to update the device firmware and prevent proper behavior of the webserver when specific files or directories are removed from the filesystem.

Published

2024-06-12T12:15:10.233

Last Modified

2024-11-21T09:46:52.267

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

Weaknesses

Type: Primary
CWE-552

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	schneider-electric	modicon_m340_firmware	*	Yes
Hardware	schneider-electric	modicon_m340	*	No
Operating System	schneider-electric	bmxnoe0100_firmware	*	Yes
Hardware	schneider-electric	bmxnoe0100	*	No
Operating System	schneider-electric	bmxnoe0110_firmware	*	Yes
Hardware	schneider-electric	bmxnoe0110	*	No

References

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-163-01.pdf Vendor Advisory ([email protected])
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-163-01.pdf Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)