Schneider-Electric Modicon Quantum Firmware vulnerabilities
3 known vulnerabilities affecting schneider-electric/modicon_quantum_firmware.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2019-6808CRITICALCVSS 9.8≤ 3.602019-05-22
CVE-2019-6808 [CRITICAL] CWE-306 CVE-2019-6808: A CWE-284: Improper Access Control vulnerability exists in all versions of the Modicon M580, Modicon
A CWE-284: Improper Access Control vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a remote code execution by overwriting configuration settings of the controller over Modbus.
nvd
CVE-2018-7857HIGHCVSS 7.5fixed in 3.602019-05-22
CVE-2018-7857 [HIGH] CWE-754 CVE-2018-7857: A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340
A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a possible Denial of Service when writing out of bounds variables to the controller over Modbus.
nvd
CVE-2018-7788MEDIUMCVSS 6.5fixed in 2.402019-05-22
CVE-2018-7788 [MEDIUM] CWE-255 CVE-2018-7788: A CWE-255 Credentials Management vulnerability exists in Modicon Quantum with firmware versions prio
A CWE-255 Credentials Management vulnerability exists in Modicon Quantum with firmware versions prior to V2.40. which could cause a Denial Of Service when using a Telnet connection.
nvd