Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 4 |
CVE-ID | CVE-2019-6819 CVE-2018-7845 CVE-2019-6830 CVE-2018-7852 |
CWE-ID | CWE-125 CWE-248 |
Exploitation vector | Network |
Public exploit |
Public exploit code for vulnerability #2 is available. Public exploit code for vulnerability #4 is available. |
Vulnerable software Subscribe |
Modicon Premium Hardware solutions / Firmware Modicon Quantum Hardware solutions / Firmware Modicon M580 Hardware solutions / Firmware Modicon M340 Hardware solutions / Firmware |
Vendor | Schneider Electric |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
EUVDB-ID: #VU21477
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-6819
CWE-ID: N/A
Exploit availability: No
DescriptionInstall updates from vendor's website.
Vulnerable software versionsModicon Premium: All versions
Modicon Quantum: All versions
Modicon M580: 1.04 - 2.41
Modicon M340: before 3.01
External linkshttp://www.us-cert.gov/ics/advisories/icsa-19-183-01
http://www.schneider-electric.com/en/download/document/SEVD-2019-134-05/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU21497
Risk: Medium
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-7845
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition when reading specific memory blocks in the controller over Modbus. A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsModicon M340: before 3.01
Modicon M580: 1.04 - 2.41
External linkshttp://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/
http://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0745
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU21485
Risk: Medium
CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-6830
CWE-ID:
CWE-248 - Uncaught Exception
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause a denial of service (DoS) condition on the target system.
The vulnerability exists due to uncaught exception vulnerability when sending an appropriately timed HTTP request to the controller. A
remote attacker can cause a denial of service condition.
Install updates from vendor's website.
Vulnerable software versionsModicon M580: 1.04 - 2.41
External linkshttp://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU21517
Risk: Medium
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-7852
CWE-ID:
CWE-248 - Uncaught Exception
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause a denial of service (DoS) condition on the target system.
The vulnerability exists due to uncaught exception vulnerability when an invalid private command parameter is sent to the controller over Modbus. A remote attacker can cause a
denial of service condition.
Install updates from vendor's website.
Vulnerable software versionsModicon Quantum: All versions
Modicon Premium: All versions
Modicon M340: before 3.01
Modicon M580: 1.04 - 2.50
External linkshttp://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/
http://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0763
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.