PatchSiren cyber security CVE debrief
CVE-2024-12142 Schneider Electric CVE debrief
CVE-2024-12142 is a HIGH-severity Schneider Electric OT/ICS vulnerability affecting Modicon M340 processors and related modules. According to the advisory, it can expose restricted web pages, allow web page modification, and cause denial of service when specific web pages are modified and restricted functions are invoked. Vendor fixes exist for some modules, while mitigations are provided for Modicon M340 processors pending future remediations.
- Vendor: Schneider Electric
- Product: Modicon M340 processors
- CVSS: HIGH 8.6
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-01-14
- Original CVE updated: 2025-08-12
- Advisory published: 2025-01-14
- Advisory updated: 2025-08-12
Who should care
OT/ICS operators, plant engineers, control-system administrators, and security teams responsible for Schneider Electric Modicon M340 deployments should prioritize this issue. It is most relevant where the affected modules are reachable on production networks or where FTP and embedded web services are enabled.
Technical summary
The advisory describes a CWE-200 exposure issue that also has integrity and availability impact: restricted web content may be disclosed, web pages may be modified, and service disruption may occur when specific pages and restricted functions are used. Affected products include Modicon M340 processors (all versions), BMXNOE0100 prior to SV3.60, BMXNOE0110 prior to SV6.80, and BMXNOR0200H prior to SV1.70IR26. Schneider Electric’s update on 2025-08-12 added remediations for BMXNOE0100 and BMXNOE0110; for Modicon M340 processors BMXP34*, remediation was still being planned in the supplied advisory and mitigations were recommended in the meantime.
Defensive priority
High. The CVSS vector indicates network reachability with no privileges or user interaction required, and the impact includes confidentiality, integrity, and availability concerns. Prioritize patching supported modules and applying network/service mitigations immediately for any exposed or production-connected devices.
Recommended defensive actions
- Upgrade BMXNOR0200H to SV1.70IR26.
- Upgrade BMXNOE0100 to SV3.60.
- Upgrade BMXNOE0110 to SV6.80.
- For Modicon M340 processors BMXP34*, track Schneider Electric remediation updates and apply mitigations until a fix is available.
- Block unauthorized access to FTP port 21/TCP with network segmentation and firewall rules.
- Disable FTP service in EcoStruxure Control Expert where operationally feasible.
- Disable the Web server service in EcoStruxure Control Expert where operationally feasible.
- Apply the Access Control List guidance from Schneider Electric’s Modicon Controllers System Cybersecurity documentation.
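One way to turn the actions above into an inventory triage, as an added example that is not part of the advisory or any Schneider Electric tooling. The inventory rows are constructed, the status labels are hypothetical, and the version parsing assumes the `SV<major>.<minor>[IR<n>]` form with numerically ordered fields, as in the fixed versions listed on this page.

```python
import re
from fnmatch import fnmatchcase

# Fixed versions exactly as listed in the recommended actions on this page.
FIXED = {"BMXNOE0100": "SV3.60", "BMXNOE0110": "SV6.80", "BMXNOR0200H": "SV1.70IR26"}
# All versions affected and no fix listed yet: compensating controls only.
MITIGATE_ONLY = ["BMXP34*"]

def parse_sv(version):
    """Parse 'SV1.70IR26' into (1, 70, 26). Assumed format, see lead-in."""
    m = re.fullmatch(r"(?:SV)?(\d+)\.(\d+)(?:IR(\d+))?", version.strip().upper())
    if not m:
        raise ValueError(f"unrecognised firmware version: {version!r}")
    return int(m.group(1)), int(m.group(2)), int(m.group(3) or 0)

def triage(model, version):
    """Return UPGRADE, OK, MITIGATE, NOT_LISTED or REVIEW for one module."""
    model = model.strip().upper()
    if any(fnmatchcase(model, pat) for pat in MITIGATE_ONLY):
        return "MITIGATE"      # block 21/TCP, disable FTP/Web server, apply ACLs
    fixed = FIXED.get(model)
    if fixed is None:
        return "NOT_LISTED"    # not named in this advisory summary
    try:
        return "UPGRADE" if parse_sv(version) < parse_sv(fixed) else "OK"
    except ValueError:
        return "REVIEW"        # unparseable version: check the device by hand

# Constructed sample inventory: (asset name, module reference, firmware version).
INVENTORY = [
    ("plc-line1", "BMXP342020", "SV3.50"),
    ("noe-line1", "BMXNOE0100", "SV3.50"),
    ("noe-line2", "BMXNOE0110", "SV6.80"),
    ("rtu-pump3", "BMXNOR0200H", "SV1.70IR25"),
    ("rtu-pump4", "BMXNOR0200H", "unknown"),
]

def report(inventory):
    """Attach a triage status to every inventory row."""
    return [(asset, model, ver, triage(model, ver)) for asset, model, ver in inventory]

if __name__ == "__main__":
    for asset, model, ver, status in report(INVENTORY):
        print(f"{asset:10} {model:12} {ver:12} {status}")
```

Rows marked `REVIEW` or `MITIGATE` still need a person to confirm the device state and the compensating controls in place.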
Evidence notes
All impact and remediation details above come from the supplied Schneider Electric/CISA CSAF advisory and linked vendor notice. The supplied source lists fixed versions for BMXNOR0200H, BMXNOE0100, and BMXNOE0110, and recommends compensating controls for Modicon M340 processors pending future remediation. No exploit steps, weaponization details, or unverified operational claims are included.
Official resources
- CVE-2024-12142 CVE record (CVE.org)
- CVE-2024-12142 NVD detail (NVD)
- Source item URL (cisa_csaf)
Publicly disclosed on 2025-01-14 via Schneider Electric/CISA advisory ICSA-25-035-06. The advisory was revised on 2025-08-12 to add remediations for BMXNOE0100 and BMXNOE0110.