CVE-2024-8936 Information

Description

CWE-20: Improper Input Validation vulnerability exists that could lead to loss of confidentiality of controller memory after a successful Man-In-The-Middle attack followed by sending a crafted Modbus function call used to tamper with memory.

Reference

https://download.schneider-electric.com/doc/SEVD-2024-317-03/SEVD-2024-317-03.pdf