Schneider Electric Se Modicon Quantum vulnerabilities

CVE-2019-6828 [HIGH] CWE-248 CVE-2019-6828: A CWE-248: Uncaught Exception vulnerability exists Modicon M580 (firmware version prior to V2.90), M A CWE-248: Uncaught Exception vulnerability exists Modicon M580 (firmware version prior to V2.90), Modicon M340 (firmware version prior to V3.10), Modicon Premium (all versions), and Modicon Quantum (all versions), which could cause a possible denial of service when reading specific coils and registers in the controller over Modbus.

CVE-2019-6809 [HIGH] CWE-248 CVE-2019-6809: A CWE-248: Uncaught Exception vulnerability exists in Modicon M580 (firmware versions prior to V2.90 A CWE-248: Uncaught Exception vulnerability exists in Modicon M580 (firmware versions prior to V2.90), Modicon M340 (firmware versions prior to V3.10), Modicon Premium (all versions), Modicon Quantum (all versions), which could cause a possible denial of service when reading invalid data from the controller.

CVE-2018-7240 [HIGH] CWE-787 CVE-2018-7240: A vulnerability exists in Schneider Electric's Modicon Quantum in all versions of the communication A vulnerability exists in Schneider Electric's Modicon Quantum in all versions of the communication modules which could allow arbitrary code execution. An FTP command used to upgrade the firmware of the module can be misused to cause a denial of service, or in extreme cases, to load a malicious firmware.