CVE-2019-6809

2019-09-1719:50:29

CWE-248

schneider

www.cve.org

EPSS

0.001

Percentile

42.5%

JSON

A CWE-248: Uncaught Exception vulnerability exists in Modicon M580 (firmware versions prior to V2.90), Modicon M340 (firmware versions prior to V3.10), Modicon Premium (all versions), Modicon Quantum (all versions), which could cause a possible denial of service when reading invalid data from the controller.

CNA Affected

[
  {
    "product": "Modicon M580",
    "vendor": "Schneider Electric SE",
    "versions": [
      {
        "status": "affected",
        "version": "firmware version prior to V2.90"
      }
    ]
  },
  {
    "product": "Modicon M340",
    "vendor": "Schneider Electric SE",
    "versions": [
      {
        "status": "affected",
        "version": "firmware version prior to V3.10"
      }
    ]
  },
  {
    "product": "Modicon Premium",
    "vendor": "Schneider Electric SE",
    "versions": [
      {
        "status": "affected",
        "version": "all versions"
      }
    ]
  },
  {
    "product": "Modicon Quantum",
    "vendor": "Schneider Electric SE",
    "versions": [
      {
        "status": "affected",
        "version": "all versions"
      }
    ]
  }
]

References

www.schneider-electric.com/en/download/document/SEVD-2019-134-11/

EPSS

0.001

Percentile

42.5%

JSON

Related for CVELIST:CVE-2019-6809