CVE-2022-45789

moderate-risk

Published 2023-01-31

A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause execution of unauthorized Modbus functions on the controller when hijacking an authenticated Modbus session. Affected Products: EcoStruxure Control Expert (All Versions), EcoStruxure Process Expert (All Versions), Modicon M340 CPU - part numbers BMXP34* (All Versions), Modicon M580 CPU - part numbers BMEP* and BMEH* (All Versions), Modicon M580 CPU Safety - part numbers BMEP58*S and BMEH58*S (All Versions)

Do I need to act?

0.06% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 8.1/10 High

NETWORK / HIGH complexity

Affected Products (20)

Ecostruxure Control Expert

Ecostruxure Process Expert

Modicon M340 Bmxp341000 Firmware

Modicon M340 Bmxp342000 Firmware

Modicon M340 Bmxp342010 Firmware

Modicon M340 Bmxp3420102 Firmware

Modicon M340 Bmxp342020 Firmware

Modicon M340 Bmxp342020H Firmware

Modicon M340 Bmxp342030 Firmware

Modicon M340 Bmxp3420302 Firmware

Modicon M340 Bmxp3420302H Firmware

Modicon M340 Bmxp342030H Firmware

Modicon M580 Bmep581020 Firmware

Modicon M580 Bmep581020H Firmware

Modicon M580 Bmep582020 Firmware

Modicon M580 Bmep582020H Firmware

Modicon M580 Bmep582040 Firmware

Modicon M580 Bmep582040H Firmware

Modicon M580 Bmep582040S Firmware

Modicon M580 Bmep583020 Firmware

Affected Vendors

Schneider-Electric

References (2)

Patch https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-010-06&p_enDoc...

/ 100

moderate-risk

Severity 24/34 · High

Exploitability 0/34 · Minimal

Exposure 24/34 · High