CyberSec.Space Logo
Back to CVE Browser

CVE-2019-6851

HIGH
7.5
CVSS Severity Score
EPSS Score0.0550%
EPSS Percentile34.90th
PublishedOct 29, 2019
Last ModifiedNov 21, 2024

Vulnerability Description

A CWE-538: File and Directory Information Exposure vulnerability exists in Modicon M580, Modicon M340, Modicon Premium , Modicon Quantum (all firmware versions), which could cause the disclosure of information from the controller when using TFTP protocol.

Affected Platforms (CPE)

πŸ’»
Schneider Electric

Modicon M580 Firmware

All versions
πŸ’»
Schneider Electric

Modicon M340 Firmware

All versions
πŸ’»
Schneider Electric

Tsxmcpc002m Firmware

All versions
πŸ’»
Schneider Electric

Tsxmcpc512k Firmware

All versions
πŸ’»
Schneider Electric

Tsxmfpp001m Firmware

All versions
πŸ’»
Schneider Electric

Tsxmfpp002m Firmware

All versions
πŸ’»
Schneider Electric

Tsxmfpp004m Firmware

All versions
πŸ’»
Schneider Electric

Tsxmfpp512k Firmware

All versions
πŸ’»
Schneider Electric

Tsxmrpc001m Firmware

All versions
πŸ’»
Schneider Electric

Tsxmrpc002m Firmware

All versions
πŸ’»
Schneider Electric

Tsxmrpc003m Firmware

All versions
πŸ’»
Schneider Electric

Tsxmrpc007m Firmware

All versions
πŸ’»
Schneider Electric

Tsxmrpc01m7 Firmware

All versions
πŸ’»
Schneider Electric

Tsxmrpc768k Firmware

All versions
πŸ’»
Schneider Electric

Tsxmrpf004m Firmware

All versions
πŸ’»
Schneider Electric

Tsxmrpf008m Firmware

All versions
πŸ’»
Schneider Electric

Tsxmfp0128p2 Firmware

All versions
πŸ’»
Schneider Electric

Tsxmfp064p2 Firmware

All versions
πŸ’»
Schneider Electric

Tsxmfpp224k Firmware

All versions
πŸ’»
Schneider Electric

Tsxmfpp384k Firmware

All versions
πŸ’»
Schneider Electric

Tsxmrpc448k Firmware

All versions
πŸ’»
Schneider Electric

Tsxmrpp224k Firmware

All versions
πŸ’»
Schneider Electric

Tsxmrpp384k Firmware

All versions

References & Advisories

πŸ”— https://www.schneider-electric.com/ww/en/download/document/SEVD-2019-281-01
πŸ”— https://www.schneider-electric.com/ww/en/download/document/SEVD-2019-281-01

Related Vulnerabilities

CVE-2019-68457.5

A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists in Modicon M580, Modicon M340, Modicon Premium , M...

CVE-2019-68097.5

A CWE-248: Uncaught Exception vulnerability exists in Modicon M580 (firmware versions prior to V2.90), Modicon M340 (firmware vers...

CVE-2019-68287.5

A CWE-248: Uncaught Exception vulnerability exists Modicon M580 (firmware version prior to V2.90), Modicon M340 (firmware version ...

CVE-2019-68197.5

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists which could cause a possible Denial of Servic...