Modicon_quantum_firmware - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Modicon_quantum_firmware
(Schneider\-Electric)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	25

Date	Id	Summary	Products	Score	Patch	Annotated
2019-09-17	CVE-2019-6809	A CWE-248: Uncaught Exception vulnerability exists in Modicon M580 (firmware versions prior to V2.90), Modicon M340 (firmware versions prior to V3.10), Modicon Premium (all versions), Modicon Quantum (all versions), which could cause a possible denial of service when reading invalid data from the controller.	Modicon_m340_firmware, Modicon_m580_firmware, Modicon_premium_firmware, Modicon_quantum_firmware	7.5
2019-09-17	CVE-2019-6828	A CWE-248: Uncaught Exception vulnerability exists Modicon M580 (firmware version prior to V2.90), Modicon M340 (firmware version prior to V3.10), Modicon Premium (all versions), and Modicon Quantum (all versions), which could cause a possible denial of service when reading specific coils and registers in the controller over Modbus.	Modicon_m340_firmware, Modicon_m580_firmware, Modicon_premium_firmware, Modicon_quantum_firmware	7.5
2019-05-22	CVE-2018-7788	A CWE-255 Credentials Management vulnerability exists in Modicon Quantum with firmware versions prior to V2.40. which could cause a Denial Of Service when using a Telnet connection.	Modicon_quantum_firmware	6.5
2019-05-22	CVE-2019-6816	In Modicon Quantum all firmware versions, a CWE-94: Code Injection vulnerability could cause an unauthorized firmware modification with possible Denial of Service when using Modbus protocol.	Modicon_quantum_firmware	9.1
2019-05-22	CVE-2019-6815	In Modicon Quantum all firmware versions, CWE-264: Permissions, Privileges, and Access Control vulnerabilities could cause a denial of service or unauthorized modifications of the PLC configuration when using Ethernet/IP protocol.	Modicon_quantum_firmware	9.1