CVE-2019-6848

HIGH

8.6

CVSS Severity Score

EPSS Score0.1640%

EPSS Percentile40.53th

PublishedOct 29, 2019

Last ModifiedNov 21, 2024

Vulnerability Description

A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580 CPU (BMEx58*) and Modicon M580 communication module (BMENOC0311, BMENOC0321) (see notification for version info), which could cause a Denial of Service attack on the PLC when sending specific data on the REST API of the controller/communication module.

Affected Platforms (CPE)

💻

Schneider Electric

Modicon M580 Firmware

All versions

💻

Schneider Electric

Modicon Bmenoc 0311 Firmware

All versions

💻

Schneider Electric

Modicon Bmenoc 0321 Firmware

All versions

References & Advisories

🔗 https://www.se.com/ww/en/download/document/SEVD-2019-281-04/

Vulnerability Description

Affected Platforms (CPE)

Modicon M580 Firmware

Modicon Bmenoc 0311 Firmware

Modicon Bmenoc 0321 Firmware

References & Advisories

Related Vulnerabilities