CVE-2019-6821

Summary

CWE-330: Use of Insufficiently Random Values vulnerability, which could cause the hijacking of the TCP connection when using Ethernet communication in Modicon M580 firmware versions prior to V2.30, and all firmware versions of Modicon M340, Modicon Premium, Modicon Quantum.

Affected Software

VendorProductVersion RangeStatus
n/aModicon Controllers, Modicon M580 firmware versions prior to V2.30, and all firmware versions of Modicon M340, Modicon Premium, Modicon QuantumModicon Controllers, Modicon M580 firmware versions prior to V2.30, and all firmware versions of Modicon M340, Modicon Premium, Modicon Quantumaffected

Weaknesses

  • CWE-330: CWE-330: Use of Insufficiently Random Values

ADP Enrichment

CVE Program Container

Additional References

References