CVE-2023-25620
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2023-25620
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause denial of service of the controller when a malicious project file is loaded onto the controller by an authenticated user.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
对因果或异常条件的不恰当检查
Source: NVD (National Vulnerability Database)
Vulnerability Title
Schneider Electric Modicon M580 代码问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Schneider Electric Modicon M580是法国施耐德电气(Schneider Electric)公司的一款可编程自动化控制器。 Schneider Electric Modicon M580 SV4.10之前版本、Modicon Modicon M340 CPU SV3.51之前版本 存在代码问题漏洞,该漏洞源于当恶意项目文件加载到控制器时,可能会导致控制器拒绝服务。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Schneider Electric | Modicon M340 CPU (part numbers BMXP34*) | prior to SV3.51 | - | |
| Schneider Electric | Modicon M580 CPU (part numbers BMEP* and BMEH*) | prior to V4.10 | - | |
| Schneider Electric | Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58*S) | All | - | |
| Schneider Electric | Modicon Momentum Unity M1E Processor (171CBU*) | All | - | |
| Schneider Electric | Modicon MC80 (BMKC80) | All | - | |
| Schneider Electric | Legacy Modicon Quantum (140CPU65*) | All | - | |
| Schneider Electric | Legacy Modicon Premium CPUs (TSXP57*) | All | - |
II. Public POCs for CVE-2023-25620
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2023-25620
请登录查看更多情报信息。
IV. Related Vulnerabilities
Same vendor: Schneider Electric
- CVE-2026-2401
Schneider Electric PowerChute Serial Shutdown 日志信息泄露漏洞 - CVE-2026-2400
Schneider Electric PowerChute Serial Shutdown 注入漏洞 - CVE-2026-2403
Schneider Electric PowerChute Serial Shutdown 安全漏洞 - CVE-2026-2405
Schneider Electric PowerChute Serial Shutdown 资源管理错误漏洞 - CVE-2026-2402
Schneider Electric PowerChute Serial Shutdown 安全漏洞
Same weakness: CWE-754
- CVE-2026-41662
Admidio: Missing Minimum Administrator Check in Role Members - CVE-2026-35225
Improper timeout handling in CODESYS EtherNetIP - CVE-2026-35366
uutils coreutils printenv Security Inspection Bypass via UTF - CVE-2026-40343
free5GC UDR: Fail-open handling in PolicyDataSubsToNotifyPos - CVE-2026-40249
free5gc UDR fail-open request handling in PolicyDataSubsToNo
V. Comments for CVE-2023-25620
Anonymous User
2026-01-15 06:09:28Zaproxy alias impedit expedita quisquam pariatur exercitationem. Nemo rerum eveniet dolores rem quia dignissimos.