CVE-2019-6821
N/A
N/A
Summary
CWE-330: Use of Insufficiently Random Values vulnerability, which could cause the hijacking of the TCP connection when using Ethernet communication in Modicon M580 firmware versions prior to V2.30, and all firmware versions of Modicon M340, Modicon Premium, Modicon Quantum.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Modicon Controllers, Modicon M580 firmware versions prior to V2.30, and all firmware versions of Modicon M340, Modicon Premium, Modicon Quantum | Modicon Controllers, Modicon M580 firmware versions prior to V2.30, and all firmware versions of Modicon M340, Modicon Premium, Modicon Quantum | affected |
Weaknesses
- CWE-330: CWE-330: Use of Insufficiently Random Values
ADP Enrichment
CVE Program Container
Additional References
- https://ics-cert.us-cert.gov/advisories/ICSA-19-136-01
- http://www.securityfocus.com/bid/108366
- https://www.schneider-electric.com/en/download/document/SEVD-2019-134-03/
References
- https://ics-cert.us-cert.gov/advisories/ICSA-19-136-01
- http://www.securityfocus.com/bid/108366
- https://www.schneider-electric.com/en/download/document/SEVD-2019-134-03/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.