Modicon m258 firmware
This hub aggregates every CVE we track for Modicon m258 firmware, a product in the ics ot iot space. Use it to gauge the current risk picture and drill into individual advisories.
6
CVEs tracked
1
Critical
2
High
0
In CISA KEV
Severity distribution
MEDIUM3HIGH2CRITICAL1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
2024-082026-07
Latest CVEs
The 6 most recently published vulnerabilities affecting Modicon m258 firmware.
- CVE-2025-13902CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause condition where authenticated attackers can have a victim’s brows...5.4
- CVE-2024-6528CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause a vulnerability leading to a cross-site scripting condition where ...5.4
- CVE-2020-28220A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Modicon M258 Firmware (All versions prior to V5.0.4.11) and SoMachine/SoMachine Motion sof...6.8
- CVE-2020-7488A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists which could leak sensitive information transmitted between the software and the Modicon M218, M241, M251, and M258 co...7.5
- CVE-2020-7487A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists which could allow the attacker to execute malicious code on the Modicon M218, M241, M251, and M258 controllers.9.8
- CVE-2019-6820A CWE-306: Missing Authentication for Critical Function vulnerability exists which could cause a modification of device IP configuration (IP address, network mask and gateway IP address) when a spe...8.2
Product normalization is registry-driven with AI assist and human review. How it works