Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Modicon_quantum_firmware
(Schneider\-Electric)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 25 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2019-09-17 | CVE-2019-6809 | A CWE-248: Uncaught Exception vulnerability exists in Modicon M580 (firmware versions prior to V2.90), Modicon M340 (firmware versions prior to V3.10), Modicon Premium (all versions), Modicon Quantum (all versions), which could cause a possible denial of service when reading invalid data from the controller. | Modicon_m340_firmware, Modicon_m580_firmware, Modicon_premium_firmware, Modicon_quantum_firmware | 7.5 | ||
2019-09-17 | CVE-2019-6828 | A CWE-248: Uncaught Exception vulnerability exists Modicon M580 (firmware version prior to V2.90), Modicon M340 (firmware version prior to V3.10), Modicon Premium (all versions), and Modicon Quantum (all versions), which could cause a possible denial of service when reading specific coils and registers in the controller over Modbus. | Modicon_m340_firmware, Modicon_m580_firmware, Modicon_premium_firmware, Modicon_quantum_firmware | 7.5 | ||
2019-05-22 | CVE-2018-7788 | A CWE-255 Credentials Management vulnerability exists in Modicon Quantum with firmware versions prior to V2.40. which could cause a Denial Of Service when using a Telnet connection. | Modicon_quantum_firmware | 6.5 | ||
2019-05-22 | CVE-2019-6816 | In Modicon Quantum all firmware versions, a CWE-94: Code Injection vulnerability could cause an unauthorized firmware modification with possible Denial of Service when using Modbus protocol. | Modicon_quantum_firmware | 9.1 | ||
2019-05-22 | CVE-2019-6815 | In Modicon Quantum all firmware versions, CWE-264: Permissions, Privileges, and Access Control vulnerabilities could cause a denial of service or unauthorized modifications of the PLC configuration when using Ethernet/IP protocol. | Modicon_quantum_firmware | 9.1 |