1669 matches found
CVE-2018-7844
A CWE-200: Information Exposure vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause the disclosure of SNMP information when reading memory blocks from the controller over Modbus...
CVE-2018-7844
CVE-2018-7844 affects Schneider Electric Modicon M580, M340, Quantum and Premium PLCs. The UMAS read memory block function can disclose plaintext data, including SNMP community strings, when reading memory blocks over Modbus. Exploitation is unauthenticated and feasible against firmware versions ...
CVE-2019-6808
A CWE-284: Improper Access Control vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a remote code execution by overwriting configuration settings of the controller over Modbus...
CVE-2019-6808
The CVE-2019-6808 issue affects Schneider Electric Modicon controllers (M580, M340, Quantum, Premium). It is a CWE-284 improper access control vulnerability that could allow remote code execution by overwriting configuration settings over Modbus. Affected components include the controller’s confi...
CVE-2019-6807
CVE-2019-6807 affects Schneider Electric Modicon M580, M340, Quantum, and Premium PLCs. The issue is an Uncaught Exception (CWE-248) that could cause denial of service when writing sensitive application variables to the controller over Modbus. Connected sources confirm the vulnerability across al...
CVE-2019-6807
A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a possible denial of service when writing sensitive application variables to the controller over Modbus...
CVE-2019-6806
A CWE-200: Information Exposure vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause the disclosure of SNMP information when reading variables in the controller using Modbus...
CVE-2019-6806
Schneider Electric Modicon M580, M340, Quantum, and Premium PLCs are affected by CVE-2019-6806, a CWE-200 information-exposure vulnerability. The issue stems from UMAS/Modbus read paths that can disclose SNMP information, including read/write/trap SNMP strings, when reading variables in the contr...
CVE-2018-7857
A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a possible Denial of Service when writing out of bounds variables to the controller over Modbus...
CVE-2018-7857
CVE-2018-7857 affects Schneider Electric Modicon M580, M340, Quantum, and Premium PLCs. It is described as CWE-248 Uncaught Exception: writing out-of-bounds variables to the controller over Modbus can cause a Denial of Service . The entry lists CVSSv3.1 base score 7.5 (HIGH) and CVSSv2 5.0 (MEDIU...
CVE-2018-7856
A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a possible denial of Service when writing invalid memory blocks to the controller over Modbus...
CVE-2018-7856
The CVE-2018-7856 entry concerns Schneider Electric Modicon PLCs (M580, M340, Quantum, Premium). The vulnerability is a CWE-248 Uncaught Exception leading to potential denial of service when writing invalid memory blocks to the controller over Modbus. Affected software/hardware is the Modicon fam...
CVE-2018-7855
A CWE-248 Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a Denial of Service when sending invalid breakpoint parameters to the controller over Modbus...
CVE-2018-7854
A CWE-248 Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a denial of Service when sending invalid debug parameters to the controller over Modbus...
CVE-2018-7854
CVE-2018-7854 affects Schneider Electric Modicon M580, M340, Quantum, and Premium PLCs. The issue is a CWE-248 Uncaught Exception that can cause denial of service when invalid debug parameters are sent over Modbus. The provided documents confirm affected models and the root cause (uncaught except...
CVE-2018-7853
A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause denial of service when reading invalid physical memory blocks in the controller over Modbus...
CVE-2018-7853
CVE-2018-7853 affects Schneider Electric Modicon PLCs (M580, M340, Quantum, Premium). The vulnerability is a CWE-248 Uncaught Exception that could cause a denial of service when the controller reads invalid physical memory blocks over Modbus. The NVD entry lists CVSS-3.1 base metrics: Network att...
CVE-2018-7852
A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause denial of service when an invalid private command parameter is sent to the controller over Modbus...
CVE-2018-7852
CVE-2018-7852 affects Schneider Electric Modicon M580 family (M580, M340, Quantum, Premium). The issue is CWE-248 Uncaught Exception leading to denial of service when an invalid private command parameter is sent to the controller over Modbus/UMAS. Talos advisories describe multiple DoS scenarios ...
CVE-2018-7845
A CWE-125: Out-of-bounds Read vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause the disclosure of unexpected data from the controller when reading specific memory blocks in the controller over Modbus...