Schneider Electric Modicon Controllers Uncontrolled Resource Consumption Vulnerability Leading to Denial-of-Service

Vulnerability

A vulnerability allowing uncontrolled resource consumption has been identified in Schneider Electric's Modicon Controllers M241, M251, M258, LMC058, and M262, all versions prior to specific patched releases. This vulnerability could lead to a denial-of-service condition when an authenticated malicious user sends manipulated HTTPS Content-Length headers to the web server, causing it to consume resources improperly.

Impact

Exploitation of this vulnerability can cause a denial-of-service condition, where the affected device becomes unresponsive or unavailable due to excessive resource consumption.

Remediation

Users can update to version 5.3.12.51 for Modicon Controllers M241 and M251, or version 5.3.9.18 for Modicon Controllers M262. The update can be downloaded from the respective product pages on the Schneider Electric website. For Modicon LMC058, no specific version is mentioned, but users should consult the Schneider Electric Software Installer for available updates.
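The following is an added example, not code from Schneider Electric or from this page, that triages an asset inventory against the fixed versions named above. It compares versions numerically because a string comparison would rank 5.3.9.x above 5.3.12.51; the inventory rows, device names and status labels are constructed for illustration.

```python
# Fixed versions as stated in the Remediation text above.
FIXED = {"M241": "5.3.12.51", "M251": "5.3.12.51", "M262": "5.3.9.18"}
# Affected models for which the page gives no fixed version.
NO_VERSION_STATED = {"M258", "LMC058"}


def parse_version(text):
    """Turn '5.3.9.18' into (5, 3, 9, 18); raise ValueError otherwise."""
    parts = text.strip().split(".")
    if not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {text!r}")
    return tuple(int(p) for p in parts)


def triage(model, installed_version):
    """Classify one controller (status labels are this example's own)."""
    model = model.strip().upper()
    if model in NO_VERSION_STATED:
        return "CHECK_VENDOR"      # consult the vendor's installer for updates
    if model not in FIXED:
        return "NOT_LISTED"        # model is not named on this page
    try:
        installed = parse_version(installed_version)
    except ValueError:
        return "UNKNOWN_VERSION"   # cannot decide; needs manual review
    fixed = parse_version(FIXED[model])
    # Pad so that a short version such as 5.3.13 compares as 5.3.13.0.
    width = max(len(installed), len(fixed))
    installed += (0,) * (width - len(installed))
    fixed += (0,) * (width - len(fixed))
    return "VULNERABLE" if installed < fixed else "PATCHED"


# Constructed sample inventory: (device name, model, installed version).
INVENTORY = [
    ("plc-01", "M241", "5.3.9.60"),    # string compare would wrongly pass this
    ("plc-02", "M251", "5.3.12.51"),
    ("plc-03", "M262", "5.3.9.17"),
    ("plc-04", "LMC058", "5.0.1.2"),
    ("plc-05", "M241", "unknown"),
]


def report(inventory):
    return {name: triage(model, ver) for name, model, ver in inventory}


if __name__ == "__main__":
    for name, status in report(INVENTORY).items():
        print(f"{name}: {status}")
```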

Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread: 4.5
impact: 2.5
exploitability: 4.9
remediation: 7.7
relevance: 0.2
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.