CVE-2024-5056

Name of the Vulnerable Software and Affected Versions Schneider Electric Modicon M340 versions (affected versions not specified) Modicon M340 BMXNOE0100 versions (affected versions not specified) Modicon M340 BMXNOE0110 versions (affected versions not specified)

Description The issue is related to the use of files and directories accessible to external parties. Exploitation of this issue may allow a remote attacker to prevent device firmware updates and cause improper web server behavior by removing specific files or directories from the file system.

Recommendations For Schneider Electric Modicon M340, restrict access to files and directories to prevent external interference until a patch is available. For Modicon M340 BMXNOE0100, consider disabling external access to the file system to minimize the risk of exploitation. For Modicon M340 BMXNOE0110, avoid using removable files or directories in the affected filesystem until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.