20 matches found
EUVD-2019-16396
Malware in sbrugna...
Schneider Electric Modicon Improper Handling of Exceptional Conditions (CVE-2019-6843)
A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580 with firmware version prior to V3.10, Modicon M340 all firmware versions, and Modicon BMxCRA and 140CRA modules all firmware versions, which could cause a Denial of Service attack on the PLC when upgrading...
Schneider Electric Modicon Cleartext Transmission of Sensitive Information (CVE-2019-6846)
A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA and 140CRA modules all firmware versions, which could cause information disclosure when using the FTP protocol. This plugin only works with Tenable.ot. Please visit...
Schneider Electric Modicon M580/M340/BMxCRA/140CRA Denial of Service Vulnerability (CNVD-2019-41497)
The Modicon M580/M340/BMxCRA/140CRA are programmable logic controllers from Schneider Electric. A denial of service vulnerability exists in the Schneider Electric Modicon M580/M340/BMxCRA/140CRA. An attacker can exploit this vulnerability to cause a denial of service by upgrading the controller v...
CVE-2019-6847
A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA and 140CRA modules all firmware versions, which could cause a Denial of Service attack on the FTP service when upgrading the firmware with a version incompatible with the...
CVE-2019-6841
A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580 with firmware version prior to V3.10, Modicon M340 all firmware versions, and Modicon BMxCRA and 140CRA modules all firmware versions, which could cause a Denial of Service attack on the PLC when upgrading...
CVE-2019-6843
A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580 with firmware version prior to V3.10, Modicon M340 all firmware versions, and Modicon BMxCRA and 140CRA modules all firmware versions, which could cause a Denial of Service attack on the PLC when upgrading...
Design/Logic Flaw
A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA and 140CRA modules all firmware versions, which could cause a Denial of Service attack on the PLC when upgrading the firmware with a missing web server image inside the packag...
Design/Logic Flaw
A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580 with firmware version prior to V3.10, Modicon M340 all firmware versions, and Modicon BMxCRA and 140CRA modules all firmware versions, which could cause a Denial of Service attack on the PLC when upgrading...
Design/Logic Flaw
A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA and 140CRA modules all firmware versions, which could cause information disclosure when using the FTP protocol...
Design/Logic Flaw
A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA and 140CRA modules all firmware versions, which could cause a Denial of Service atack on the PLC when upgrading the controller with a firmware package containing an invalid we...
CVE-2019-6847
CVE-2019-6847 affects Schneider Electric Modicon M580, M340, BMxCRA, and 140CRA programmable controllers. The issue is a denial-of-service flaw in the FTP firmware-update path, where upgrading to an incompatible firmware image can drive the device into a non-recoverable fault, stopping remote com...
CVE-2019-6847
A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA and 140CRA modules all firmware versions, which could cause a Denial of Service attack on the FTP service when upgrading the firmware with a version incompatible with the...
CVE-2019-6846
A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA and 140CRA modules all firmware versions, which could cause information disclosure when using the FTP protocol...
CVE-2019-6846
CVE-2019-6846 affects Schneider Electric Modicon M580, M340, BMxCRA and 140CRA modules (all firmware versions). The root cause is use of FTP for credential/command transmission, resulting in cleartext exposure of sensitive information to network observers. Reported impact is information disclosur...
CVE-2019-6844
CVE-2019-6844 affects Schneider Electric Modicon M580, M340, BMxCRA and 140CRA PLC modules. The vulnerability is a Denial of Service during firmware upgrade when the firmware image for the web server is invalid and transferred via FTP; a check verifies only image headers, enabling fault state dur...
CVE-2019-6843
A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580 with firmware version prior to V3.10, Modicon M340 all firmware versions, and Modicon BMxCRA and 140CRA modules all firmware versions, which could cause a Denial of Service attack on the PLC when upgrading...
CVE-2019-6842
CVE-2019-6842 affects Schneider Electric Modicon M580, M340, BMxCRA, and 140CRA firmware. The root cause is improper handling of exceptional conditions in FTP-based firmware upgrade flows, which can cause a Denial of Service, stopping normal device execution after upgrade when the web server imag...
CVE-2019-6842
A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA and 140CRA modules all firmware versions, which could cause a Denial of Service attack on the PLC when upgrading the firmware with a missing web server image inside the packag...
CVE-2019-6841
A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580 with firmware version prior to V3.10, Modicon M340 all firmware versions, and Modicon BMxCRA and 140CRA modules all firmware versions, which could cause a Denial of Service attack on the PLC when upgrading...