Detections
Analytics
Schneider Electric Modicon M340 Controller and Communication Modules Improper Input Validation (CVE-2025-6625)
high Tenable OT Security Plugin ID 504812
Synopsis
The remote OT asset is affected by a vulnerability.Description
CWE-20: Improper Input Validation vulnerability exists that could cause a Denial Of Service when specific crafted FTP command is sent to the device.This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.
Solution
The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.Schneider Electric has identified the following specific workarounds and mitigations users can apply to reduce risk:
- BMXNOE0100 Modbus/TCP Ethernet Modicon M340 module: Version 3.60 of BMXNOE0100 includes a fix for this vulnerability and is available for download here. Reboot is needed to complete the firmware upgrade.
- BMXNOE0110 Modbus/TCP Ethernet Modicon M340 FactoryCast module: Version 6.80 of BMXNOE0110 includes a fix for this vulnerability and is available for download here. Reboot is needed to complete the firmware upgrade.
Schneider Electric is establishing a remediation plan for all future versions of Modicon M340, BMXNOR0200H, BMXNGD0100, and BMXNOC401. Until then, users should immediately apply the following mitigations to reduce the risk of exploit:
- FTP service is disabled by default
- Ensure to disable FTP service when not in use
- Setup network segmentation and implement a firewall to block all unauthorized access to ports 21/FTP
- Use VPN (Virtual Private Networks) tunnels if remote access is required
For more information see the associated Schneider Electric CPCERT security advisory SEVD-2025-224-05.
See Also
https://www.se.com/us/en/download/document/7EN52-0390/
http://www.nessus.org/u?581bfb75
http://www.nessus.org/u?168dc6d2
https://www.cisa.gov/news-events/ics-advisories/icsa-25-238-03
Plugin Details
Severity: High
ID: 504812
File Name: tenable_ot_schneider_CVE-2025-6625.nasl
Version: 1.3
Type: remote
Family: Tenable.ot
Published: 11/20/2025
Updated: 3/10/2026
Supported Sensors: Tenable OT Security
Risk Information
VPR
Risk Factor: Low
Score: 3.6
CVSS v3
Risk Factor: High
Base Score: 7.5
Temporal Score: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
CVSS v4
Risk Factor: High
Base Score: 8.7
Threat Score: 6.6
Threat Vector: CVSS:4.0/E:U
Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
Vulnerability Information
CPE: cpe:/o:schneider-electric:bmxgnd0100_firmware, cpe:/o:schneider-electric:bmxnoe0100_firmware, cpe:/o:schneider-electric:bmxnoc0401_firmware, cpe:/o:schneider-electric:bmxnoe0110_firmware, cpe:/o:schneider-electric:bmxnor0200h_firmware, cpe:/o:schneider-electric:modicon_m340_firmware
Required KB Items: Tenable.ot/Schneider
Exploit Ease: No known exploits are available
Patch Publication Date: 8/12/2025
Vulnerability Publication Date: 8/12/2025
Reference Information
CVE: CVE-2025-6625