Schneider-Electric Modicon Premium Firmware vulnerabilities
2 known vulnerabilities affecting schneider-electric/modicon_premium_firmware.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2019-6808CRITICALCVSS 9.8≤ 3.202019-05-22
CVE-2019-6808 [CRITICAL] CWE-306 CVE-2019-6808: A CWE-284: Improper Access Control vulnerability exists in all versions of the Modicon M580, Modicon
A CWE-284: Improper Access Control vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a remote code execution by overwriting configuration settings of the controller over Modbus.
nvd
CVE-2018-7857HIGHCVSS 7.5fixed in 3.202019-05-22
CVE-2018-7857 [HIGH] CWE-754 CVE-2018-7857: A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340
A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a possible Denial of Service when writing out of bounds variables to the controller over Modbus.
nvd