CVE-2019-6859
Severity Score
7.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A CWE-798: Use of Hardcoded Credentials vulnerability exists in Modicon Controllers (All versions of the following CPUs and Communication Module product references listed in the Security Notifications), which could cause the disclosure of FTP hardcoded credentials when using the Web server of the controller on an unsecure network.
A CWE-798: Existe una vulnerabilidad de Uso de Credenciales Embebidas en los controladores Modicon (todas las versiones de las siguientes referencias de productos de CPU y módulo de comunicación enumeradas en las Notificaciones de Seguridad), lo que podría causar una divulgación de credenciales embebidas FTP cuando se usa el servidor Web del controlador en una red no segura
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2019-01-25 CVE Reserved
- 2020-04-22 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-798: Use of Hard-coded Credentials
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.se.com/ww/en/download/document/SEVD-2019-316-02 | 2022-02-03 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Schneider-electric Search vendor "Schneider-electric" | Bmx P34x Firmware Search vendor "Schneider-electric" for product "Bmx P34x Firmware" | * | - |
Affected
| in | Schneider-electric Search vendor "Schneider-electric" | Bmx P34x Search vendor "Schneider-electric" for product "Bmx P34x" | - | - |
Safe
|
| Schneider-electric Search vendor "Schneider-electric" | Bmx Noe 0100 Firmware Search vendor "Schneider-electric" for product "Bmx Noe 0100 Firmware" | * | - |
Affected
| in | Schneider-electric Search vendor "Schneider-electric" | Bmx Noe 0100 Search vendor "Schneider-electric" for product "Bmx Noe 0100" | - | - |
Safe
|
| Schneider-electric Search vendor "Schneider-electric" | Bmx Noe 0110 Firmware Search vendor "Schneider-electric" for product "Bmx Noe 0110 Firmware" | * | - |
Affected
| in | Schneider-electric Search vendor "Schneider-electric" | Bmx Noe 0110 Search vendor "Schneider-electric" for product "Bmx Noe 0110" | - | - |
Safe
|
| Schneider-electric Search vendor "Schneider-electric" | Bmx Noc 0401 Firmware Search vendor "Schneider-electric" for product "Bmx Noc 0401 Firmware" | * | - |
Affected
| in | Schneider-electric Search vendor "Schneider-electric" | Bmx Noc 0401 Search vendor "Schneider-electric" for product "Bmx Noc 0401" | - | - |
Safe
|
| Schneider-electric Search vendor "Schneider-electric" | Tsx P57x Firmware Search vendor "Schneider-electric" for product "Tsx P57x Firmware" | * | - |
Affected
| in | Schneider-electric Search vendor "Schneider-electric" | Tsx P57x Search vendor "Schneider-electric" for product "Tsx P57x" | - | - |
Safe
|
| Schneider-electric Search vendor "Schneider-electric" | Tsx Ety X103 Firmware Search vendor "Schneider-electric" for product "Tsx Ety X103 Firmware" | * | - |
Affected
| in | Schneider-electric Search vendor "Schneider-electric" | Tsx Ety X103 Search vendor "Schneider-electric" for product "Tsx Ety X103" | - | - |
Safe
|
| Schneider-electric Search vendor "Schneider-electric" | 140 Cpu6x Firmware Search vendor "Schneider-electric" for product "140 Cpu6x Firmware" | * | - |
Affected
| in | Schneider-electric Search vendor "Schneider-electric" | 140 Cpu6x Search vendor "Schneider-electric" for product "140 Cpu6x" | - | - |
Safe
|
| Schneider-electric Search vendor "Schneider-electric" | 140 Noe 771x1 Firmware Search vendor "Schneider-electric" for product "140 Noe 771x1 Firmware" | * | - |
Affected
| in | Schneider-electric Search vendor "Schneider-electric" | 140 Noe 771x1 Search vendor "Schneider-electric" for product "140 Noe 771x1" | - | - |
Safe
|
| Schneider-electric Search vendor "Schneider-electric" | 140 Noc 78x00 Firmware Search vendor "Schneider-electric" for product "140 Noc 78x00 Firmware" | * | - |
Affected
| in | Schneider-electric Search vendor "Schneider-electric" | 140 Noc 78x00 Search vendor "Schneider-electric" for product "140 Noc 78x00" | - | - |
Safe
|
| Schneider-electric Search vendor "Schneider-electric" | 140 Noc 77101 Firmware Search vendor "Schneider-electric" for product "140 Noc 77101 Firmware" | * | - |
Affected
| in | Schneider-electric Search vendor "Schneider-electric" | 140 Noc 77101 Search vendor "Schneider-electric" for product "140 Noc 77101" | - | - |
Safe
|