CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

schneider-electric

modicon_bmenoc_0321_firmware

3 known vulnerabilities · sorted by CVSS score

CVE-2019-6848

HIGH8.6

A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580 CPU (BMEx58*) and Modicon M580 communication module (BMENOC0311, BMENOC0321) (see notification for version info), which could cause a Denial of Service attack on the PLC when sending specific data on the REST API of the controller/communication module.

schneider-electric / modicon_m580_firmware+2

Network

Published Oct 29, 2019

CVE-2019-6849

HIGH7.5

A CWE-200: Information Exposure vulnerability exists in Modicon M580, Modicon BMENOC 0311, and Modicon BMENOC 0321, which could cause the disclosure of sensitive information when using specific Modbus services provided by the REST API of the controller/communication module.

schneider-electric / modicon_m580_firmware+2

Network

Published Oct 29, 2019

CVE-2019-6850

HIGH7.5

A CWE-200: Information Exposure vulnerability exists in Modicon M580, Modicon BMENOC 0311, and Modicon BMENOC 0321, which could cause the disclosure of sensitive information when reading specific registers with the REST API of the controller/communication module.

schneider-electric / modicon_m580_firmware+2

Network

Published Oct 29, 2019