CVSS: 7.5EPSS: 0%CPEs: 74EXPL: 0CVE-2019-6851
https://notcve.org/view.php?id=CVE-2019-6851
29 Oct 2019 — A CWE-538: File and Directory Information Exposure vulnerability exists in Modicon M580, Modicon M340, Modicon Premium , Modicon Quantum (all firmware versions), which could cause the disclosure of information from the controller when using TFTP protocol. CWE-538: Hay una vulnerabilidad de Exposición de Información de Archivos y Directorios en Modicon M580, Modicon M340, Modicon Premium, Modicon Quantum (todas las versiones de firmware), lo que podría causar una divulgación de información del controlador cu... • https://www.schneider-electric.com/ww/en/download/document/SEVD-2019-281-01 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory •
CVSS: 4.9EPSS: 0%CPEs: 8EXPL: 0CVE-2019-6847
https://notcve.org/view.php?id=CVE-2019-6847
29 Oct 2019 — A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA and 140CRA modules (all firmware versions), which could cause a Denial of Service attack on the FTP service when upgrading the firmware with a version incompatible with the application in the controller using FTP protocol. Existe una vulnerabilidad CWE-755: Manejo inadecuado de condiciones excepcionales en los módulos Modicon M580, Modicon M340, Modicon BMxCRA y 140CRA (todas las version... • https://www.se.com/ww/en/download/document/SEVD-2019-281-02 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2019-6846
https://notcve.org/view.php?id=CVE-2019-6846
29 Oct 2019 — A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA and 140CRA modules (all firmware versions), which could cause information disclosure when using the FTP protocol. Una CWE-319: Existe una vulnerabilidad de Transmisión de Texto Sin Cifrar de Información Confidencial en Modicon M580, Modicon M340, Modicon BMxCRA y los módulos 140CRA (todas las versiones de firmware), que podrían causar una divulgación de información cuando se utiliza ... • https://www.schneider-electric.com/ww/en/download/document/SEVD-2019-281-02 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 7.5EPSS: 0%CPEs: 74EXPL: 0CVE-2019-6845
https://notcve.org/view.php?id=CVE-2019-6845
29 Oct 2019 — A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists in Modicon M580, Modicon M340, Modicon Premium , Modicon Quantum (all firmware versions), which could cause the disclosure of information when transferring applications to the controller using Modbus TCP protocol. Una CWE-319: existe una vulnerabilidad de Transmisión de Texto Sin Cifrar de Información Confidencial en Modicon M580, Modicon M340, Modicon Premium, Modicon Quantum (todas las versiones de firmware), lo que podría cau... • https://www.schneider-electric.com/ww/en/download/document/SEVD-2019-281-03 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 4.9EPSS: 0%CPEs: 8EXPL: 0CVE-2019-6844
https://notcve.org/view.php?id=CVE-2019-6844
29 Oct 2019 — A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA and 140CRA modules (all firmware versions), which could cause a Denial of Service atack on the PLC when upgrading the controller with a firmware package containing an invalid web server image using FTP protocol. Existe una vulnerabilidad CWE-755: Manejo inadecuado de condiciones excepcionales en Modicon M580, Modicon M340, Modicon BMxCRA y los módulos 140CRA (todas las versiones de firmw... • https://www.se.com/ww/en/download/document/SEVD-2019-281-02 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 4.9EPSS: 0%CPEs: 8EXPL: 0CVE-2019-6843
https://notcve.org/view.php?id=CVE-2019-6843
29 Oct 2019 — A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580 with firmware (version prior to V3.10), Modicon M340 (all firmware versions), and Modicon BMxCRA and 140CRA modules (all firmware versions), which could cause a Denial of Service attack on the PLC when upgrading the controller with an empty firmware package using FTP protocol. Existe una vulnerabilidad CWE-755: Manejo inadecuado de condiciones excepcionales en Modicon M580 con firmware (versión anterior a V3.10), Mod... • https://www.se.com/ww/en/download/document/SEVD-2019-281-02 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 4.9EPSS: 0%CPEs: 8EXPL: 0CVE-2019-6842
https://notcve.org/view.php?id=CVE-2019-6842
29 Oct 2019 — A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA and 140CRA modules (all firmware versions), which could cause a Denial of Service attack on the PLC when upgrading the firmware with a missing web server image inside the package using FTP protocol. Existe una vulnerabilidad CWE-755: Manejo inadecuado de condiciones excepcionales en los módulos Modicon M580, Modicon M340, Modicon BMxCRA y 140CRA (todas las versiones de firmware), que pod... • https://www.se.com/ww/en/download/document/SEVD-2019-281-02 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 4.9EPSS: 0%CPEs: 8EXPL: 0CVE-2019-6841
https://notcve.org/view.php?id=CVE-2019-6841
29 Oct 2019 — A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580 with firmware (version prior to V3.10), Modicon M340 (all firmware versions), and Modicon BMxCRA and 140CRA modules (all firmware versions), which could cause a Denial of Service attack on the PLC when upgrading the firmware with no firmware image inside the package using FTP protocol. Existe una vulnerabilidad CWE-755: Manejo inadecuado de condiciones excepcionales en los módulos Modicon M580, Modicon M340, Modicon ... • https://www.se.com/ww/en/download/document/SEVD-2019-281-02 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2019-6828
https://notcve.org/view.php?id=CVE-2019-6828
17 Sep 2019 — A CWE-248: Uncaught Exception vulnerability exists Modicon M580 (firmware version prior to V2.90), Modicon M340 (firmware version prior to V3.10), Modicon Premium (all versions), and Modicon Quantum (all versions), which could cause a possible denial of service when reading specific coils and registers in the controller over Modbus. Una CWE-248: Se presenta una vulnerabilidad de Excepción No Capturada en Modicon M580 (versión de firmware anterior a V2.90), Modicon M340 (versión de firmware anterior a V3.10)... • https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11 • CWE-248: Uncaught Exception CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2019-6813
https://notcve.org/view.php?id=CVE-2019-6813
17 Sep 2019 — A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in BMXNOR0200H Ethernet / Serial RTU module (all firmware versions) and Modicon M340 controller (all firmware versions), which could cause denial of service when truncated SNMP packets on port 161/UDP are received by the device. Una CWE-754: Existe una vulnerabilidad de Comprobación Inapropiada de Condiciones Inusuales o Excepcionales en el módulo BMXNOR0200H Ethernet/Serial RTU (todas las versiones de firmware) y el contro... • https://security.cse.iitk.ac.in/responsible-disclosure • CWE-754: Improper Check for Unusual or Exceptional Conditions •