CVE-2019-6819

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 22-05-2019 10:29

Last modified: - 19-04-2022 05:35

Total changes: - 4

Description

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists which could cause a possible Denial of Service when specific Modbus frames are sent to the controller in the products: Modicon M340 - firmware versions prior to V3.01, Modicon M580 - firmware versions prior to V2.80, All firmware versions of Modicon Quantum and Modicon Premium.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Low

Attack complexity

Network

Attack vector

High

Availability

None

Confidentiality

None

Integrity

None

Privileges required

Unchanged

Scope

None

User interaction

7.5

Base score

3.9

3.6

Exploitability score

Impact score

Verification logic

AND

vendor=schneider-electric AND product=modicon_m340_firmware AND versionEndExcluding=3.01

vendor=schneider-electric AND product=bmxp3420302cl AND version=-

vendor=schneider-electric AND product=bmxp342020 AND version=-

vendor=schneider-electric AND product=bmxp342000 AND version=-

vendor=schneider-electric AND product=bmxp341000 AND version=-

vendor=schneider-electric AND product=bmxp341000h AND version=-

vendor=schneider-electric AND product=bmxp3420102 AND version=-

vendor=schneider-electric AND product=bmxp3420102cl AND version=-

vendor=schneider-electric AND product=bmxp3420302 AND version=-

vendor=schneider-electric AND product=bmxp3420302h AND version=-

vendor=schneider-electric AND product=bmxp342020h AND version=-

AND

vendor=schneider-electric AND product=modicon_m580_firmware AND versionEndExcluding=2.80

vendor=schneider-electric AND product=bmeh584040c AND version=-

vendor=schneider-electric AND product=modicon_m580_bmep586040c AND version=-

vendor=schneider-electric AND product=modicon_m580_bmep582020 AND version=-

vendor=schneider-electric AND product=modicon_m580_bmep582040 AND version=-

vendor=schneider-electric AND product=modicon_m580_bmep582040s AND version=-

vendor=schneider-electric AND product=bmeh582040c AND version=-

vendor=schneider-electric AND product=bmeh586040 AND version=-

vendor=schneider-electric AND product=bmeh586040c AND version=-

vendor=schneider-electric AND product=modicon_m580_bmep581020 AND version=-

vendor=schneider-electric AND product=modicon_m580_bmep581020h AND version=-

vendor=schneider-electric AND product=modicon_m580_bmep584040 AND version=-

vendor=schneider-electric AND product=modicon_m580_bmep584040s AND version=-

vendor=schneider-electric AND product=modicon_m580_bmep583020 AND version=-

vendor=schneider-electric AND product=modicon_m580_bmep583040 AND version=-

vendor=schneider-electric AND product=modicon_m580_bmep584020 AND version=-

vendor=schneider-electric AND product=modicon_m580_bmep585040 AND version=-

vendor=schneider-electric AND product=modicon_m580_bmep585040c AND version=-

vendor=schneider-electric AND product=bmeh584040 AND version=-

vendor=schneider-electric AND product=modicon_m580_bmep586040 AND version=-

vendor=schneider-electric AND product=modicon_m580_bmep582020h AND version=-

vendor=schneider-electric AND product=modicon_m580_bmep582040h AND version=-

vendor=schneider-electric AND product=bmeh582040 AND version=-

AND

vendor=schneider-electric AND product=modicon_quantum_firmware

vendor=schneider-electric AND product=modicon_quantum AND version=-

AND

vendor=schneider-electric AND product=modicon_premium_firmware

vendor=schneider-electric AND product=modicon_premium AND version=-

Reference

https://www.schneider-electric.com/en/download/document/SEVD-2019-134-05/
109004-Broken Link

Keywords

CVE-2019-6819

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2019-6819

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures