Bmxnoc0401

This hub aggregates every CVE we track for Bmxnoc0401, a product in the ics ot iot space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 7 most recently published vulnerabilities affecting Bmxnoc0401.

• CVE-2025-6625CWE-20: Improper Input Validation vulnerability exists that could cause a Denial Of Service when specific crafted FTP command is sent to the device.7.5Aug 18, 2025
• CVE-2020-7534A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists on the web server used, that could cause a leak of sensitive data or unauthorized actions on the web server during the time the use...8.8Feb 4, 2022
• CVE-2020-7536A CWE-754:Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M340 CPUs (BMXP34* versions prior to V3.30) Modicon M340 Communication Ethernet modules (BMXNOE0100 (H...7.5Dec 11, 2020
• CVE-2020-7533CWE-287: Improper Authentication vulnerability exists which could cause the execution of commands on the webserver without authentication when sending specially crafted HTTP requests.9.8Dec 1, 2020
• CVE-2019-6859A CWE-798: Use of Hardcoded Credentials vulnerability exists in Modicon Controllers (All versions of the following CPUs and Communication Module product references listed in the Security Notificati...7.5Apr 22, 2020
• BDU:2019-04152Уязвимость реализации протокола FTP в микропрограммном обеспечении программируемых логических контроллеров серий Modicon M340, Modicon Quantum и Modicon Premium, позволяющая нарушителю получить доступ к учетным данным пользователей7.5Nov 19, 2019
• CVE-2015-7937Stack-based buffer overflow in the GoAhead Web Server on Schneider Electric Modicon M340 PLC BMXNOx and BMXPx devices allows remote attackers to execute arbitrary code via a long password in HTTP B...10.0Dec 21, 2015