CVE-2019-6819 (GCVE-0-2019-6819)
Vulnerability from cvelistv5
Published
2019-05-22 19:45
Modified
2024-08-04 20:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-754 - Improper Check for Unusual or Exceptional Conditions
Summary
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists which could cause a possible Denial of Service when specific Modbus frames are sent to the controller in the products: Modicon M340 - firmware versions prior to V3.01, Modicon M580 - firmware versions prior to V2.80, All firmware versions of Modicon Quantum and Modicon Premium.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Modicon Controllers, Modicon M340 - firmware versions prior to V3.01 Modicon M580 - firmware versions prior to V2.80 All firmware versions of Modicon Quantum and Modicon Premium |
Version: Modicon Controllers, Modicon M340 - firmware versions prior to V3.01 Modicon M580 - firmware versions prior to V2.80 All firmware versions of Modicon Quantum and Modicon Premium |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:31:04.277Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-05/"
},
{
"name": "109004",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/109004"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Modicon Controllers, Modicon M340 - firmware versions prior to V3.01 Modicon M580 - firmware versions prior to V2.80 All firmware versions of Modicon Quantum and Modicon Premium",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Modicon Controllers, Modicon M340 - firmware versions prior to V3.01 Modicon M580 - firmware versions prior to V2.80 All firmware versions of Modicon Quantum and Modicon Premium"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists which could cause a possible Denial of Service when specific Modbus frames are sent to the controller in the products: Modicon M340 - firmware versions prior to V3.01, Modicon M580 - firmware versions prior to V2.80, All firmware versions of Modicon Quantum and Modicon Premium."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "CWE-754: Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-03T13:06:07",
"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"shortName": "schneider"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-05/"
},
{
"name": "109004",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/109004"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@schneider-electric.com",
"ID": "CVE-2019-6819",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Modicon Controllers, Modicon M340 - firmware versions prior to V3.01 Modicon M580 - firmware versions prior to V2.80 All firmware versions of Modicon Quantum and Modicon Premium",
"version": {
"version_data": [
{
"version_value": "Modicon Controllers, Modicon M340 - firmware versions prior to V3.01 Modicon M580 - firmware versions prior to V2.80 All firmware versions of Modicon Quantum and Modicon Premium"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists which could cause a possible Denial of Service when specific Modbus frames are sent to the controller in the products: Modicon M340 - firmware versions prior to V3.01, Modicon M580 - firmware versions prior to V2.80, All firmware versions of Modicon Quantum and Modicon Premium."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-754: Improper Check for Unusual or Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-05/",
"refsource": "MISC",
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-05/"
},
{
"name": "109004",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/109004"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"assignerShortName": "schneider",
"cveId": "CVE-2019-6819",
"datePublished": "2019-05-22T19:45:08",
"dateReserved": "2019-01-25T00:00:00",
"dateUpdated": "2024-08-04T20:31:04.277Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2019-6819\",\"sourceIdentifier\":\"cybersecurity@se.com\",\"published\":\"2019-05-22T20:29:02.090\",\"lastModified\":\"2024-11-21T04:47:12.980\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists which could cause a possible Denial of Service when specific Modbus frames are sent to the controller in the products: Modicon M340 - firmware versions prior to V3.01, Modicon M580 - firmware versions prior to V2.80, All firmware versions of Modicon Quantum and Modicon Premium.\"},{\"lang\":\"es\",\"value\":\"Una CWE-754: Existe una vulnerabilidad de Comprobaci\u00f3n Inapropiada para condiciones inusuales o excepcionales, que podr\u00eda generar una posible Denegaci\u00f3n de Servicio cuando se env\u00edan tramas Modbus espec\u00edficas hacia el controlador en los productos: Modicon M340 - versiones de firmware anteriores a la V3.01, Modicon M580 - versiones de firmware anteriores a V2.80, y todas las versiones de firmware de Modicon Quantum y Modicon Premium.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"cybersecurity@se.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-754\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-754\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:schneider-electric:modicon_m340_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.01\",\"matchCriteriaId\":\"606AFE88-8C9A-4D18-9209-1193B628669F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"178D2338-E48E-493C-992F-337AACE794DE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"69222495-4F18-434E-B86C-F63C5A2C1242\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D150239-27E2-4CBE-A931-5107C15E362F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98212CF5-BCF4-4A55-B62A-484569687B4E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102cl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D30336F0-EDCF-486C-B52E-D0C53BCDFC65\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99F2F851-C18F-4CB8-B47C-516F2AC7955D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56BAED8B-EEFA-45D7-A5A3-9B62067CE24C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"354968F7-C41B-4C21-8E47-81DC07DF0EA5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302cl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32091F91-9397-4506-8801-C68B9E8B60F0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"075A16D1-F4DF-4DCB-8DF9-152E282CE01F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:schneider-electric:modicon_m580_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.80\",\"matchCriteriaId\":\"6FDEB227-D50B-402C-9C11-E29F52BC10BB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:bmeh582040:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E6E5E62-BBA8-4370-A232-8E1196757C3E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:bmeh582040c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C393EAE-D2A1-42BC-8CE8-2DCAC96EB769\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:bmeh584040:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2A8BF9D-AFD1-4F19-A0DB-5EB6F343D890\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:bmeh584040c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63D48211-A734-4F98-A4D5-569268335757\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:bmeh586040:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"38D22DD5-677B-42E8-AE1F-11601D4BF110\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:bmeh586040c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"79907FE7-B4B0-4732-9287-B7ED13115F6C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:modicon_m580_bmep581020:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2317F260-7AA2-4178-B468-03DF36223E26\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:modicon_m580_bmep581020h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D7DDC42-37A1-43B0-AD46-2E0D098564BA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:modicon_m580_bmep582020:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"765E4FEE-255E-4C47-824A-5661B84B490B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:modicon_m580_bmep582020h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1FEA377-3C45-4F88-B233-088A24BD0771\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:modicon_m580_bmep582040:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EBCCDD6D-35CE-4680-8B0C-86584B1D8958\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:modicon_m580_bmep582040h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68FD5968-C522-4231-A98C-93D3101B6148\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:modicon_m580_bmep582040s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C02B27F6-B8CF-4D3B-9DA6-054F540EA6B6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:modicon_m580_bmep583020:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBC38FF1-693E-4899-883C-1B7B80A52F2C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:modicon_m580_bmep583040:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"002E7F33-6729-4C35-9DDA-7D8383BD5668\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:modicon_m580_bmep584020:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47DFEBAC-2F1D-4870-8425-2199BF80B425\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:modicon_m580_bmep584040:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC4A1DF2-FF4C-4DBE-BF74-6A4A09E3DECE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:modicon_m580_bmep584040s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6222C1F8-BE52-4666-B7F5-2E8BBC214F70\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:modicon_m580_bmep585040:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5376D9F4-8AFB-4909-A11B-33C54C4220DB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:modicon_m580_bmep585040c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CADB178B-FEFD-48A9-B155-0E8F6D490229\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:modicon_m580_bmep586040:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B3C1879-269B-47EB-891B-EF2E90C911D7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:modicon_m580_bmep586040c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5771A1A5-3DAF-4869-A24F-F9B0A38B5DA5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:schneider-electric:modicon_quantum_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"745CC7A7-70FB-4551-8EBF-600B7A6236D7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:modicon_quantum:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9B7CEF7-B9BA-4923-808F-DA2931569EBB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:schneider-electric:modicon_premium_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"619CFD8D-9652-4AAB-AFC4-796B3F10F61F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:modicon_premium:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F00936E2-E6EF-4ABF-8666-7D83BE424F42\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/109004\",\"source\":\"cybersecurity@se.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://www.schneider-electric.com/en/download/document/SEVD-2019-134-05/\",\"source\":\"cybersecurity@se.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/109004\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://www.schneider-electric.com/en/download/document/SEVD-2019-134-05/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…