CVE-2021-22791

Name: CVE-2021-22791
Creator: NVD / NIST
Published: 2021-09-02T17:15:08.29+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 6.5/10EPSS 0.80%

Last modified Jun 17, 2026

CVE-2021-22791 is a medium-severity vulnerability rated 6.5/10 on the CVSS scale. A CWE-787: Out-of-bounds Write vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions).. EPSS estimates a 0.80% chance of exploitation in the next 30 days.

Description

A CWE-787: Out-of-bounds Write vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions).

Metrics

CVSS 3.1

6.5/10

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Probability

0.80%

52.1th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-787

Affected Software

Vendor	Product	Versions
Schneider-Electric	Modicon M340 Bmxp341000	All versions
Schneider-Electric	Modicon M340 Bmxp342010	All versions
Schneider-Electric	Modicon M340 Bmxp342020	All versions
Schneider-Electric	Modicon M340 Bmxp342030	All versions
Schneider-Electric	Modicon M580 Bmeh582040	All versions
Schneider-Electric	Modicon M580 Bmeh582040c	All versions
Schneider-Electric	Modicon M580 Bmeh582040s	All versions
Schneider-Electric	Modicon M580 Bmeh584040	All versions
Schneider-Electric	Modicon M580 Bmeh584040c	All versions
Schneider-Electric	Modicon M580 Bmeh584040s	All versions
Schneider-Electric	Modicon M580 Bmeh586040	All versions
Schneider-Electric	Modicon M580 Bmeh586040c	All versions
Schneider-Electric	Modicon M580 Bmeh586040s	All versions
Schneider-Electric	Modicon M580 Bmep581020	All versions
Schneider-Electric	Modicon M580 Bmep581020h	All versions
Schneider-Electric	Modicon M580 Bmep582020	All versions
Schneider-Electric	Modicon M580 Bmep582020h	All versions
Schneider-Electric	Modicon M580 Bmep582040	All versions
Schneider-Electric	Modicon M580 Bmep582040h	All versions
Schneider-Electric	Modicon M580 Bmep582040s	All versions
Schneider-Electric	Modicon M580 Bmep583020	All versions
Schneider-Electric	Modicon M580 Bmep583040	All versions
Schneider-Electric	Modicon M580 Bmep584020	All versions
Schneider-Electric	Modicon M580 Bmep584040	All versions
Schneider-Electric	Modicon M580 Bmep584040s	All versions
Schneider-Electric	Modicon M580 Bmep585040	All versions
Schneider-Electric	Modicon M580 Bmep585040c	All versions
Schneider-Electric	Modicon M580 Bmep586040	All versions
Schneider-Electric	Modicon M580 Bmep586040c	All versions
Schneider-Electric	Modicon Mc80 Bmkc8020301	All versions
Schneider-Electric	Modicon Mc80 Bmkc8020310	All versions
Schneider-Electric	Modicon Mc80 Bmkc8030311	All versions
Schneider-Electric	Modicon Momentum 171cbu78090	All versions
Schneider-Electric	Modicon Momentum 171cbu98090	All versions
Schneider-Electric	Modicon Momentum 171cbu98091	All versions
Schneider-Electric	Modicon Premium Tsxp57 1634m	All versions
Schneider-Electric	Modicon Premium Tsxp57 2634m	All versions
Schneider-Electric	Modicon Premium Tsxp57 2834m	All versions
Schneider-Electric	Modicon Premium Tsxp57 454m	All versions
Schneider-Electric	Modicon Premium Tsxp57 4634m	All versions
Schneider-Electric	Modicon Premium Tsxp57 554m	All versions
Schneider-Electric	Modicon Premium Tsxp57 5634m	All versions
Schneider-Electric	Modicon Premium Tsxp57 6634m	All versions
Schneider-Electric	Modicon Quantum 140cpu65150	All versions
Schneider-Electric	Modicon Quantum 140cpu65150c	All versions
Schneider-Electric	Modicon Quantum 140cpu65160	All versions
Schneider-Electric	Modicon Quantum 140cpu65160c	All versions
Schneider-Electric	Plc Simulator For Ecostruxure Control Expert	All versions
Schneider-Electric	Plc Simulator For Ecostruxure Process Expert	All versions

References

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-06Not Applicable
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04Patch, Vendor Advisory
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-06Not Applicable

Timeline

Published: Sep 2, 2021
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2021-22791?

How severe is CVE-2021-22791?

CVE-2021-22791 has a CVSS score of 6.5/10 (MEDIUM severity). The EPSS model estimates a 0.80% probability of exploitation in the next 30 days.

How do I fix CVE-2021-22791?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2021-22791?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST