Details of VAR-202011-1534

ID

VAR-202011-1534

TITLE

Schneider PLC-M340 has a denial of service vulnerability

Trust: 0.6

sources: CNVD: CNVD-2020-58380

DESCRIPTION

Schneider-Electric M340 PLC is widely used in the field of industrial control. It is a high performance and stable operation controller. Schneider PLC-M340 has a denial of service vulnerability. Attackers can use this vulnerability to cause the device's CPU RUN light to go out, the CPU module, communication module, and output module ERR to turn on, and control services stop.

Trust: 0.6

sources: CNVD: CNVD-2020-58380

IOT TAXONOMY

category:

['IoT', 'ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2020-58380

AFFECTED PRODUCTS

vendor:

schneider electric

model:

m340

scope:

version:

Trust: 0.6

sources: CNVD: CNVD-2020-58380

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2020-58380
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2020-58380
severity:	MEDIUM
baseScore:	4.9
vectorString:	AV:L/AC:L/AU:N/C:N/I:N/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2020-58380

EXTERNAL IDS

db:

CNVD

id:

CNVD-2020-58380

Trust: 0.6

sources: CNVD: CNVD-2020-58380

SOURCES

db:

CNVD

id:

CNVD-2020-58380

LAST UPDATE DATE

2022-05-04T09:32:38.196000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2020-58380

date:

2020-10-25T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2020-58380

date:

2020-11-22T00:00:00