CVE-2020-7563

8.8 HIGH

A CWE-787: Out-of-bounds Write vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers ...

Published: 2020-11-18 · Last updated: 2026-05-29

Severity and scoring

CVSS: 8.8 HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-787

Affected products

Vendor	Product
schneider-electric	modicon_m340_bmx_noc_0401_firmware, modicon_m340_bmx_noe_0100_firmware, modicon_m340_bmx_noe_0100h_firmware

Description

A CWE-787: Out-of-bounds Write vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause corruption of data, a crash, or code execution when uploading a specially crafted file on the controller over FTP.

Source: NVD

References

[NVD]https://nvd.nist.gov/vuln/detail/CVE-2020-7563
[Vendor advisory]https://www.se.com/ww/en/download/document/SEVD-2020-315-01/
[Vendor advisory]https://www.se.com/ww/en/download/document/SEVD-2020-315-01/

Related CVEs

Same vendor

CVE-2026-6332 — CWE-312: Cleartext Storage of Sensitive Information vulnerability exists that could cause the disclosure of a sensitive information whic... (7.5 HIGH)
CVE-2022-0715 — A CWE-287: Improper Authentication vulnerability exists that could cause an attacker to arbitrarily change the behavior of the UPS when a... (9.1 CRITICAL)
CVE-2021-22788 — A CWE-787: Out-of-bounds Write vulnerability exists that could cause denial of service when an attacker sends a specially crafted HTTP re... (7.5 HIGH)
CVE-2021-22787 — A CWE-20: Improper Input Validation vulnerability exists that could cause denial of service of the device when an attacker sends a specia... (7.5 HIGH)
CVE-2021-22785 — A CWE-200: Information Exposure vulnerability exists that could cause sensitive information of files located in the web root directory to... (7.5 HIGH)

Same CWE

CVE-2026-47750 — stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more) inf... (7.8 HIGH)
CVE-2026-47747 — stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more) inf... (7.8 HIGH)
CVE-2026-47749 — stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more) inf... (7.8 HIGH)
CVE-2026-12314 — Memory safety bug fixed in Thunderbird 152 (7.5 HIGH)
CVE-2026-12310 — Memory safety bug fixed in Thunderbird 152 (7.5 HIGH)