CVE-2022-37301 Information

Description

A CWE-191: Integer Underflow (Wrap or Wraparound) vulnerability exists that could cause a denial of service of the controller due to memory access violations when using the Modbus TCP protocol. Affected products: Modicon M340 CPU (part numbers BMXP34)(V3.40 and prior) Modicon M580 CPU (part numbers BMEP and BMEH)(V3.22 and prior) Legacy Modicon Quantum/Premium(All Versions) Modicon Momentum MDI (171CBU)(All Versions) Modicon MC80 (BMKC80)(V1.7 and prior)

Reference

https://www.se.com/us/en/download/document/SEVD-2022-221-02/