PT-2020-6392 · Schneider Electric · Modicon Premium Processors (+5 more)
Published: 2020-09-21 · Updated: 2026-05-29 · CVE-2021-22787
CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Modicon M340 CPUs: versions prior to V3.40
Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions)
Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions)
Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions)
Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions)
Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions)
Description
A vulnerability exists due to improper input validation, which could cause denial of service of the device when an attacker sends a specially crafted HTTP request to the web server of the device. This can be achieved by sending specially formed GET requests to port 80.
Recommendations
For Modicon M340 CPUs versions prior to V3.40, update to version V3.40 or later.
For Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU, restrict access to the web server to minimize the risk of exploitation.
For Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634, consider disabling the web server until a patch is available.
For Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx, Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101, and Modicon Premium Communication Modules: TSXETY4103, TSXETY5103, avoid using the vulnerable HTTP endpoint until the issue is resolved.
As a temporary workaround, consider blocking specially crafted GET requests to port 80.
Fix
DoS
RCE
Affected Products
Modicon M340 CPU
Modicon M340 X80 Ethernet Communication Modules
Modicon Premium Communication Modules
Modicon Premium Processors
Modicon Quantum Communication Modules
Modicon Quantum Processors