CVE-2022-34763

Name of the Vulnerable Software and Affected Versions X80 advanced RTU Communication Module versions 2.01 and later OPC UA Modicon Communication Module versions 1.10 and prior

Description A vulnerability exists due to insufficient verification of data authenticity, which could cause the loading of unauthorized firmware images. This is a result of improper verification of the firmware signature. The issue may allow a remote attacker to cause a denial of service.

Recommendations For X80 advanced RTU Communication Module versions 2.01 and later, update the firmware to a version that properly verifies the authenticity of firmware images. For OPC UA Modicon Communication Module versions 1.10 and prior, update the firmware to a version that properly verifies the authenticity of firmware images. As a temporary workaround, consider restricting access to the firmware update mechanism to minimize the risk of exploitation.