CVE-2019-6829

Summary

A CWE-248: Uncaught Exception vulnerability exists in Modicon M580 (firmware version prior to V2.90) and Modicon M340 (firmware version prior to V3.10), which could cause a possible denial of service when writing to specific memory addresses in the controller over Modbus.

Affected Software

VendorProductVersion RangeStatus
Schneider Electric SEModicon M580firmware version prior to V2.90affected
Schneider Electric SEModicon M340firmware version prior to V3.10affected

Weaknesses

  • CWE-248: A CWE-248: Uncaught Exception

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: yes
    • Technical Impact: partial

References