Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2019-6856 (GCVE-0-2019-6856)
Vulnerability from cvelistv5 – Published: 2020-01-06 22:57 – Updated: 2024-08-04 20:31
VLAI?
EPSS
Summary
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions) which could cause a Denial of Service when writing specific physical memory blocks using Modbus TCP.
Severity ?
No CVSS data available.
CWE
- CWE-754 - Improper Check for Unusual or Exceptional Conditions
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Schneider Electric SE | Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions) |
Affected:
Modicon M580
Affected: Modicon M340 Affected: Modicon Quantum Affected: Modicon Premium (see security notification for specific versions) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:31:04.415Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.se.com/ww/en/download/document/SEVD-2019-344-01"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-016-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions)",
"vendor": "Schneider Electric SE",
"versions": [
{
"status": "affected",
"version": "Modicon M580"
},
{
"status": "affected",
"version": "Modicon M340"
},
{
"status": "affected",
"version": "Modicon Quantum"
},
{
"status": "affected",
"version": "Modicon Premium (see security notification for specific versions)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions) which could cause a Denial of Service when writing specific physical memory blocks using Modbus TCP."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "CWE-754: Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-21T23:04:36.000Z",
"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"shortName": "schneider"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.se.com/ww/en/download/document/SEVD-2019-344-01"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-016-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@schneider-electric.com",
"ID": "CVE-2019-6856",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions)",
"version": {
"version_data": [
{
"version_value": "Modicon M580"
},
{
"version_value": "Modicon M340"
},
{
"version_value": "Modicon Quantum"
},
{
"version_value": "Modicon Premium (see security notification for specific versions)"
}
]
}
}
]
},
"vendor_name": "Schneider Electric SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions) which could cause a Denial of Service when writing specific physical memory blocks using Modbus TCP."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-754: Improper Check for Unusual or Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.se.com/ww/en/download/document/SEVD-2019-344-01",
"refsource": "CONFIRM",
"url": "https://www.se.com/ww/en/download/document/SEVD-2019-344-01"
},
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-016-01",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-016-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"assignerShortName": "schneider",
"cveId": "CVE-2019-6856",
"datePublished": "2020-01-06T22:57:02.000Z",
"dateReserved": "2019-01-25T00:00:00.000Z",
"dateUpdated": "2024-08-04T20:31:04.415Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CNVD-2020-02578
Vulnerability from cnvd - Published: 2020-01-16
VLAI Severity ?
Title
多款Schneider Electric产品代码问题漏洞(CNVD-2020-02578)
Description
Schneider Electric Modicon M580等都是法国施耐德电气(Schneider Electric)公司的产品。Schneider Electric Modicon M580是一款可编程自动化控制器。Schneider Electric Modicon Premium是一款用于离散或过程应用的大型可编程逻辑控制器(PLC)。Schneider Electric Modicon Quantum是一款用于过程应用、高可用性和安全解决方案的大型可编程逻辑控制器(PLC)。
多款Schneider Electric产品存在代码问题漏洞,该漏洞源于程序未正确检查异常情况。攻击者可利用该漏洞造成拒绝服务。
Severity
中
Patch Name
多款Schneider Electric产品代码问题漏洞(CNVD-2020-02578)的补丁
Patch Description
Schneider Electric Modicon M580等都是法国施耐德电气(Schneider Electric)公司的产品。Schneider Electric Modicon M580是一款可编程自动化控制器。Schneider Electric Modicon Premium是一款用于离散或过程应用的大型可编程逻辑控制器(PLC)。Schneider Electric Modicon Quantum是一款用于过程应用、高可用性和安全解决方案的大型可编程逻辑控制器(PLC)。
多款Schneider Electric产品存在代码问题漏洞,该漏洞源于程序未正确检查异常情况。攻击者可利用该漏洞造成拒绝服务。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布了漏洞修复程序,请及时关注更新: https://www.se.com/ww/en/download/document/SEVD-2019-344-01/
Reference
https://nvd.nist.gov/vuln/detail/CVE-2019-6856
Impacted products
| Name | ['Schneider Electric Modicon M340 <3.01', 'Schneider Electric Modicon M580 <2.80', 'Schneider Electric Modicon Premium <3.20', 'Schneider Electric Modicon Quantum <3.52'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2019-6856"
}
},
"description": "Schneider Electric Modicon M580\u7b49\u90fd\u662f\u6cd5\u56fd\u65bd\u8010\u5fb7\u7535\u6c14\uff08Schneider Electric\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Schneider Electric Modicon M580\u662f\u4e00\u6b3e\u53ef\u7f16\u7a0b\u81ea\u52a8\u5316\u63a7\u5236\u5668\u3002Schneider Electric Modicon Premium\u662f\u4e00\u6b3e\u7528\u4e8e\u79bb\u6563\u6216\u8fc7\u7a0b\u5e94\u7528\u7684\u5927\u578b\u53ef\u7f16\u7a0b\u903b\u8f91\u63a7\u5236\u5668\uff08PLC\uff09\u3002Schneider Electric Modicon Quantum\u662f\u4e00\u6b3e\u7528\u4e8e\u8fc7\u7a0b\u5e94\u7528\u3001\u9ad8\u53ef\u7528\u6027\u548c\u5b89\u5168\u89e3\u51b3\u65b9\u6848\u7684\u5927\u578b\u53ef\u7f16\u7a0b\u903b\u8f91\u63a7\u5236\u5668\uff08PLC\uff09\u3002\n\n\u591a\u6b3eSchneider Electric\u4ea7\u54c1\u5b58\u5728\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u6b63\u786e\u68c0\u67e5\u5f02\u5e38\u60c5\u51b5\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.se.com/ww/en/download/document/SEVD-2019-344-01/",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2020-02578",
"openTime": "2020-01-16",
"patchDescription": "Schneider Electric Modicon M580\u7b49\u90fd\u662f\u6cd5\u56fd\u65bd\u8010\u5fb7\u7535\u6c14\uff08Schneider Electric\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Schneider Electric Modicon M580\u662f\u4e00\u6b3e\u53ef\u7f16\u7a0b\u81ea\u52a8\u5316\u63a7\u5236\u5668\u3002Schneider Electric Modicon Premium\u662f\u4e00\u6b3e\u7528\u4e8e\u79bb\u6563\u6216\u8fc7\u7a0b\u5e94\u7528\u7684\u5927\u578b\u53ef\u7f16\u7a0b\u903b\u8f91\u63a7\u5236\u5668\uff08PLC\uff09\u3002Schneider Electric Modicon Quantum\u662f\u4e00\u6b3e\u7528\u4e8e\u8fc7\u7a0b\u5e94\u7528\u3001\u9ad8\u53ef\u7528\u6027\u548c\u5b89\u5168\u89e3\u51b3\u65b9\u6848\u7684\u5927\u578b\u53ef\u7f16\u7a0b\u903b\u8f91\u63a7\u5236\u5668\uff08PLC\uff09\u3002\r\n\r\n\u591a\u6b3eSchneider Electric\u4ea7\u54c1\u5b58\u5728\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u6b63\u786e\u68c0\u67e5\u5f02\u5e38\u60c5\u51b5\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "\u591a\u6b3eSchneider Electric\u4ea7\u54c1\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e\uff08CNVD-2020-02578\uff09\u7684\u8865\u4e01",
"products": {
"product": [
"Schneider Electric Modicon M340 \u003c3.01",
"Schneider Electric Modicon M580 \u003c2.80",
"Schneider Electric Modicon Premium \u003c3.20",
"Schneider Electric Modicon Quantum \u003c3.52"
]
},
"referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2019-6856",
"serverity": "\u4e2d",
"submitTime": "2019-12-20",
"title": "\u591a\u6b3eSchneider Electric\u4ea7\u54c1\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e\uff08CNVD-2020-02578\uff09"
}
GHSA-XHGJ-59FX-F85C
Vulnerability from github – Published: 2022-05-24 17:05 – Updated: 2022-05-24 17:05
VLAI?
Details
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions) which could cause a Denial of Service when writing specific physical memory blocks using Modbus TCP.
{
"affected": [],
"aliases": [
"CVE-2019-6856"
],
"database_specific": {
"cwe_ids": [
"CWE-754"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-01-06T23:15:00Z",
"severity": "MODERATE"
},
"details": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions) which could cause a Denial of Service when writing specific physical memory blocks using Modbus TCP.",
"id": "GHSA-xhgj-59fx-f85c",
"modified": "2022-05-24T17:05:44Z",
"published": "2022-05-24T17:05:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-6856"
},
{
"type": "WEB",
"url": "https://www.se.com/ww/en/download/document/SEVD-2019-344-01"
},
{
"type": "WEB",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-016-01"
}
],
"schema_version": "1.4.0",
"severity": []
}
FKIE_CVE-2019-6856
Vulnerability from fkie_nvd - Published: 2020-01-06 23:15 - Updated: 2024-11-21 04:47
Severity ?
Summary
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions) which could cause a Denial of Service when writing specific physical memory blocks using Modbus TCP.
References
| URL | Tags | ||
|---|---|---|---|
| cybersecurity@se.com | https://www.se.com/ww/en/download/document/SEVD-2019-344-01 | Vendor Advisory | |
| cybersecurity@se.com | https://www.us-cert.gov/ics/advisories/icsa-20-016-01 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.se.com/ww/en/download/document/SEVD-2019-344-01 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.us-cert.gov/ics/advisories/icsa-20-016-01 | Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:modicon_m580_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FDEB227-D50B-402C-9C11-E29F52BC10BB",
"versionEndExcluding": "2.80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:modicon_m580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E876C738-ABF6-4864-98A6-1E06E96A0DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:modicon_m340_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "606AFE88-8C9A-4D18-9209-1193B628669F",
"versionEndExcluding": "3.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:modicon_m340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "138681A2-0146-492B-8E10-06849FC27C6E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:tsxh5744m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F6FF401-ED15-45EE-9A84-171166BF4414",
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:tsxh5744m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B57B894-5AA4-4412-B425-7338CB2FFA3C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:tsxh5724m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "70CD95A2-9FAE-4A7E-8331-8904C0E0CE3D",
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:tsxh5724m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F56BA4-6A19-44FB-8555-7360C77F83AF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:tsxp576634m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5EEE1F8-0DCA-4D18-A022-5DBE980F3A16",
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:tsxp576634m_:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F683564-419D-418B-A4D5-BB203F709DD7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:tsxp57554m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED646076-2294-4253-92BF-B95D5D5E87A4",
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:tsxp57554m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5572E616-5D86-46FF-AEA7-4A12E66F0ED4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:tsxp575634m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98B1574C-2FC7-4A3C-B260-D8372A268F4A",
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:tsxp575634m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57BF89C2-27F8-4FF5-9E4F-4F0CB6C2F0E9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:tsxp57454m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "853895C6-5EDF-4767-9653-F5F7826B4A7E",
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:tsxp57454m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC537593-1AB7-438E-AB71-EDB469A1DFF7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:tsxp574634m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC9FBA4C-DA99-4F22-9168-ECD281B090C3",
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:tsxp574634m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE60505D-0211-4E8C-B32C-988E25698B1E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:tsxp57354m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7766E8-40EB-4C72-8234-C8D997F98F6C",
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:tsxp57354m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FAE46047-D9AF-4720-A130-A0F989423F82",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:tsxp573634m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9246F10-84D1-4AE0-BF1A-B61EA1E965A2",
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:tsxp573634m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80500883-2825-46DD-8ED9-4F324A4494CC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:tsxp57304m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "889586D3-B64F-42DA-8872-DD44C9790881",
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:tsxp57304m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5FDBAB3-C8C2-47F6-ACAA-B89BA53849B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:tsxp57254m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B6EBCADE-8F8C-402B-8FB6-62237168E788",
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:tsxp57254m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57B75D71-11CA-4DDF-849A-08A9D84C95AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:tsxp572634m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33E3F062-3874-4EB6-829B-285B428E982E",
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:tsxp572634m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA2094F4-976F-44FA-A7E5-93E20A80DA00",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:tsxp57204m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "43BE3D1E-5F7D-409F-A932-073D5A566180",
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:tsxp57204m_:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E25651C-E4B5-47A2-A6CE-79F7ECAE246E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:tsxp571634m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D1DEF9B5-6BC0-43A7-AD74-81F9D23BA843",
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:tsxp571634m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31A5DCC8-9E3D-4919-9DE3-73FC8733E73D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:tsxp57154m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E358F77-1F8F-4F2F-A54C-B5F2373EFEE6",
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:tsxp57154m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CC8F0AB-C4A8-40B3-88E0-92F52EA05692",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:tsxp57104m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "56724F0C-2DA8-4710-9D82-EE51FA9B062C",
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:tsxp57104m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "587226C6-6BE2-4A42-B593-34498F647B24",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:140cpu65150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97C6F04E-FEF7-4DA4-A819-7E4C3DA173F9",
"versionEndExcluding": "3.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:140cpu65150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC3E5496-C3D0-4DF4-A9AF-F227F889840E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:140cpu65160_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9552C20-F295-4AB7-A44E-FB1072BAD1B3",
"versionEndExcluding": "3.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:140cpu65160:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2C2AF70-F0BB-4D17-901C-1FCBECDC44FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:140cpu65260_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB8ACFC-C693-4C5A-B256-51FF0835FD69",
"versionEndExcluding": "3.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:140cpu65260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D7304B0-EE18-454B-B3F0-5EF387285D90",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:140cpu67261_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "370F0F62-AA12-496B-8107-EEC24B070621",
"versionEndExcluding": "3.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:140cpu67261:-:*:*:*:*:*:*:*",
"matchCriteriaId": "164AEEA1-666F-428A-BFCB-5DEEEFE1D771",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:140cpu67060_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06F31148-8213-4B01-AA48-D9D7C515E38A",
"versionEndExcluding": "3.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:140cpu67060:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AF2A7A3-89EF-480D-8E6E-20E11CF60A97",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:140cpu67160_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D6E3B57D-062A-431D-B96F-28463DE757DF",
"versionEndExcluding": "3.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:140cpu67160:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3870E952-7A32-43DA-8C66-DE43C862639B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:140cpu67261_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "370F0F62-AA12-496B-8107-EEC24B070621",
"versionEndExcluding": "3.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:140cpu67261:-:*:*:*:*:*:*:*",
"matchCriteriaId": "164AEEA1-666F-428A-BFCB-5DEEEFE1D771",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:140cpu67260_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "108BA75E-B7B4-4A51-9DB8-B928154DD51A",
"versionEndExcluding": "3.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:140cpu67260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9E4FCBA-4980-4C8F-A185-5E9C4CF9E8B5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:140cpu65860_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4D81FBC-7C66-4367-8A0F-7F96C09A56A4",
"versionEndExcluding": "3.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:140cpu65860:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B8230FD-0C0A-467C-9BAD-09257739D462",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:140cpu67861_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4419CB2D-AABC-4F77-9C75-42ABA62CBA6B",
"versionEndExcluding": "3.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:140cpu67861:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF97B5A6-960F-42BA-A397-09C819A3200C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:140cpu65160s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D793BE48-1025-4C6C-8E7D-82E013DDDE5D",
"versionEndExcluding": "3.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:140cpu65160s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95E48F27-F241-4491-AFF7-8BD562F21A52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:140cpu67160s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "41654852-0E58-46CC-A734-F59FE9B83990",
"versionEndExcluding": "3.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:140cpu67160s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71C1C17A-9111-49B8-A2CE-3A2FB87616F1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions) which could cause a Denial of Service when writing specific physical memory blocks using Modbus TCP."
},
{
"lang": "es",
"value": "CWE-754: existe una vulnerabilidad de Comprobaci\u00f3n Inapropiada de Condiciones Inusuales o Excepcionales en Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (v\u00e9ase la notificaci\u00f3n de seguridad para versiones espec\u00edficas) que podr\u00eda causar una Denegaci\u00f3n de Servicio cuando se escriben bloques de memoria f\u00edsica espec\u00edficos usando Modbus TCP."
}
],
"id": "CVE-2019-6856",
"lastModified": "2024-11-21T04:47:17.430",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-06T23:15:11.317",
"references": [
{
"source": "cybersecurity@se.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.se.com/ww/en/download/document/SEVD-2019-344-01"
},
{
"source": "cybersecurity@se.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-016-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.se.com/ww/en/download/document/SEVD-2019-344-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-016-01"
}
],
"sourceIdentifier": "cybersecurity@se.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-754"
}
],
"source": "cybersecurity@se.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-754"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CERTFR-2019-AVI-629
Vulnerability from certfr_avis - Published: 2019-12-12 - Updated: 2019-12-12
De multiples vulnérabilités ont été découvertes dans les produits Schneider Electric. Elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Schneider Electric | N/A | Power SCADA Expert 8.1 | ||
| Schneider Electric | N/A | Modicon Premium | ||
| Schneider Electric | N/A | Power SCADA Expert 8.0 | ||
| Schneider Electric | N/A | Power SCADA Operation 9.0 | ||
| Schneider Electric | Modicon M340 | Modicon M340 | ||
| Schneider Electric | N/A | ClearSCADA 2017 | ||
| Schneider Electric | N/A | ClearSCADA 2017 R2 | ||
| Schneider Electric | N/A | Power SCADA Expert 7.4 | ||
| Schneider Electric | N/A | Power SCADA Expert 7.3 | ||
| Schneider Electric | N/A | ClearSCADA 2017 R3 | ||
| Schneider Electric | N/A | EcoStruxure Control Expert version V14.0 et toutes les versions d'Unity Pro (anciennement EcoStruxure Control Expert) | ||
| Schneider Electric | N/A | Power SCADA Expert 8.2 | ||
| Schneider Electric | N/A | Modicon M580 | ||
| Schneider Electric | N/A | Modicon Quantum |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Power SCADA Expert 8.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Modicon Premium",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Power SCADA Expert 8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Power SCADA Operation 9.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Modicon M340",
"product": {
"name": "Modicon M340",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "ClearSCADA 2017",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "ClearSCADA 2017 R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Power SCADA Expert 7.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Power SCADA Expert 7.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "ClearSCADA 2017 R3",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "EcoStruxure Control Expert version V14.0 et toutes les versions d\u0027Unity Pro (anciennement EcoStruxure Control Expert)",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Power SCADA Expert 8.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Modicon M580",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Modicon Quantum",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-6857",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6857"
},
{
"name": "CVE-2019-6854",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6854"
},
{
"name": "CVE-2019-13537",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13537"
},
{
"name": "CVE-2019-6855",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6855"
},
{
"name": "CVE-2019-6856",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6856"
},
{
"name": "CVE-2018-7794",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7794"
}
],
"initial_release_date": "2019-12-12T00:00:00",
"last_revision_date": "2019-12-12T00:00:00",
"links": [],
"reference": "CERTFR-2019-AVI-629",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-12-12T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSchneider Electric. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni\nde service \u00e0 distance, un contournement de la politique de s\u00e9curit\u00e9 et\nune atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Schneider Electric",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2019-344-01 du 11 d\u00e9cembre 2019",
"url": "https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet\u0026p_File_Name=SEVD-2019-344-01_Modicon_Controllers.pdf\u0026p_Doc_Ref=SEVD-2019-344-01"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2019-344-02 du 11 d\u00e9cembre 2019",
"url": "https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet\u0026p_File_Name=SEVD-2019-344-02_EcoStruxure_Control_Expert.pdf\u0026p_Doc_Ref=SEVD-2019-344-02"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2019-344-04 du 11 d\u00e9cembre 2019",
"url": "https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet\u0026p_File_Name=SEVD-2019-344-04_Power_SCADA_Operation.pdf\u0026p_Doc_Ref=SEVD-2019-344-04"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2019-344-05 du 11 d\u00e9cembre 2019",
"url": "https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet\u0026p_File_Name=SEVD-2019-344-05_EcoStruxure_Geo_SCADA_Expert.pdf\u0026p_Doc_Ref=SEVD-2019-344-05"
}
]
}
GSD-2019-6856
Vulnerability from gsd - Updated: 2023-12-13 01:23Details
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions) which could cause a Denial of Service when writing specific physical memory blocks using Modbus TCP.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2019-6856",
"description": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions) which could cause a Denial of Service when writing specific physical memory blocks using Modbus TCP.",
"id": "GSD-2019-6856"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2019-6856"
],
"details": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions) which could cause a Denial of Service when writing specific physical memory blocks using Modbus TCP.",
"id": "GSD-2019-6856",
"modified": "2023-12-13T01:23:49.479421Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@schneider-electric.com",
"ID": "CVE-2019-6856",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions)",
"version": {
"version_data": [
{
"version_value": "Modicon M580"
},
{
"version_value": "Modicon M340"
},
{
"version_value": "Modicon Quantum"
},
{
"version_value": "Modicon Premium (see security notification for specific versions)"
}
]
}
}
]
},
"vendor_name": "Schneider Electric SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions) which could cause a Denial of Service when writing specific physical memory blocks using Modbus TCP."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-754: Improper Check for Unusual or Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.se.com/ww/en/download/document/SEVD-2019-344-01",
"refsource": "CONFIRM",
"url": "https://www.se.com/ww/en/download/document/SEVD-2019-344-01"
},
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-016-01",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-016-01"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:modicon_m580_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.80",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:modicon_m580:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:modicon_m340_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.01",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:modicon_m340:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:tsxh5744m_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:tsxh5744m:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:tsxh5724m_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:tsxh5724m:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:tsxp576634m_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:tsxp576634m_:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:tsxp57554m_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:tsxp57554m:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:tsxp575634m_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:tsxp575634m:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:tsxp57454m_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:tsxp57454m:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:tsxp574634m_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:tsxp574634m:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:tsxp57354m_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:tsxp57354m:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:tsxp573634m_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:tsxp573634m:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:tsxp57304m_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:tsxp57304m:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:tsxp57254m_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:tsxp57254m:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:tsxp572634m_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:tsxp572634m:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:tsxp57204m_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:tsxp57204m_:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:tsxp571634m_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:tsxp571634m:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:tsxp57154m_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:tsxp57154m:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:tsxp57104m_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.20",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:tsxp57104m:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:140cpu65150_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.52",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:140cpu65150:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:140cpu65160_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.52",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:140cpu65160:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:140cpu65260_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.52",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:140cpu65260:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:140cpu67261_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.52",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:140cpu67261:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:140cpu67060_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.52",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:140cpu67060:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:140cpu67160_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.52",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:140cpu67160:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:140cpu67261_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.52",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:140cpu67261:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:140cpu67260_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.52",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:140cpu67260:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:140cpu65860_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.52",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:140cpu65860:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:140cpu67861_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.52",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:140cpu67861:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:140cpu65160s_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.52",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:140cpu65160s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:140cpu67160s_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.52",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:140cpu67160s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@schneider-electric.com",
"ID": "CVE-2019-6856"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions) which could cause a Denial of Service when writing specific physical memory blocks using Modbus TCP."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-754"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.se.com/ww/en/download/document/SEVD-2019-344-01",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://www.se.com/ww/en/download/document/SEVD-2019-344-01"
},
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-016-01",
"refsource": "MISC",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-016-01"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2022-02-03T15:18Z",
"publishedDate": "2020-01-06T23:15Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…