CVE-2019-6828

Summary

A CWE-248: Uncaught Exception vulnerability exists Modicon M580 (firmware version prior to V2.90), Modicon M340 (firmware version prior to V3.10), Modicon Premium (all versions), and Modicon Quantum (all versions), which could cause a possible denial of service when reading specific coils and registers in the controller over Modbus.

Affected Software

VendorProductVersion RangeStatus
Schneider Electric SEModicon M580firmware version prior to V2.90affected
Schneider Electric SEModicon M340firmware version prior to V3.10affected
Schneider Electric SEModicon Premiumall versionsaffected
Schneider Electric SEModicon Quantumall versionsaffected

Weaknesses

  • CWE-248: CWE-248: Uncaught Exception

ADP Enrichment

CVE Program Container

Additional References

References