Schneider Electric Modicon M340 Controller and Communication Modules

Source: All CISA Advisories | Added:

Schneider Electric's Modicon M340 and associated communication modules have a vulnerability due to improper input validation, which could allow attackers to cause a denial-of-service condition. The vulnerability, tracked as CVE-2025-6625, affects multiple versions of the Modicon M340 products and requires immediate attention to mitigate risks.

---

Impact: Modicon M340, BMXNOR0200H, BMXNGD0100, BMXNOC0401, BMXNOE0100, BMXNOE0110

In the Wild: No

Age: Newly disclosed

Remediation: Upgrade to version 3.60 for BMXNOE0100 and version 6.80 for BMXNOE0110; disable FTP service when not in use; implement network segmentation and firewalls.

Read Full Original Article →