← Back

Modicon M200 Firmware

modicon_m200_firmware

Vendor: Schneider Electric • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-7489
1Schneider Electric
5Ecostruxure Machine Expert
Modicon M100 FirmwareModicon M200 Firmware+2 more
May 28, 2026
Apr 22, 2020
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability exists on EcoStruxure Machine Expert – Basic or SoMachine Basic programming software (versions in...Show more
A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability exists on EcoStruxure Machine Expert – Basic or SoMachine Basic programming software (versions in security notification). The result of this vulnerability, DLL substitution, could allow the transference of malicious code to the controller.Show less
CVE-2019-6820
1Schneider Electric
12Atv Imc Drive Controller Firmware
Modicon Lmc058 FirmwareModicon Lmc078 Firmware+9 more
May 28, 2026
May 22, 2019
N/A· v4
8.2 HIGH· v3
6.4 MEDIUM· v2
A CWE-306: Missing Authentication for Critical Function vulnerability exists which could cause a modification of device IP configuration (IP address, network mask and gateway IP address) when a specific Ethernet frame is...Show more
A CWE-306: Missing Authentication for Critical Function vulnerability exists which could cause a modification of device IP configuration (IP address, network mask and gateway IP address) when a specific Ethernet frame is received in all versions of: Modicon M100, Modicon M200, Modicon M221, ATV IMC drive controller, Modicon M241, Modicon M251, Modicon M258, Modicon LMC058, Modicon LMC078, PacDrive Eco ,PacDrive Pro, PacDrive Pro2Show less