QwikSec

Security Database

CVE

CWE

Training

CVE-2021-22749

Published: Jun 11, 2021

Modified: Aug 3, 2024

PUBLISHED

Description

A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Modicon X80 BMXNOR0200H RTU SV1.70 IR22 and prior that could cause information leak concerning the current RTU configuration including communication parameters dedicated to telemetry, when a specially crafted HTTP request is sent to the web server of the module.

Vendor	Product	Versions
n/a	Modicon X80 BMXNOR0200H RTU SV1.70 IR22 and prior	affected `Modicon X80 BMXNOR0200H RTU SV1.70 IR22 and prior`

Weaknesses (CWE)

References

http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-159-05

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.