#VU24372 Improper Check for Unusual or Exceptional Conditions in Schneider Electric products - CVE-2019-6857

Cybersecurity Help s.r.o.

Published: 2020-01-17

Vulnerability identifier: #VU24372

Vulnerability risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2019-6857

CWE-ID: N/A

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Modicon M580
Hardware solutions / Firmware
Modicon M340
Hardware solutions / Firmware
Modicon Premium
Hardware solutions / Firmware
Modicon Quantum
Hardware solutions / Firmware

Vendor: Schneider Electric

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper check for unusual or exceptional conditions. A remote attacker can cause a denial of service condition in the controller when reading specific memory blocks using Modbus TCP.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Modicon M580: 1.04 - 2.50

Modicon M340: before 3.01

Modicon Premium: before 3.20

Modicon Quantum: before 3.60

External links
https://www.se.com/ww/en/download/document/SEVD-2019-344-01

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Denial of service in Schneider Electric Modicon Controllers