Vulnerabilities > CVE-2019-6829 - Improper Handling of Exceptional Conditions vulnerability in Schneider-Electric Modicon M340 Firmware and Modicon M580 Firmware
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
A CWE-248: Uncaught Exception vulnerability exists in Modicon M580 (firmware version prior to V2.90) and Modicon M340 (firmware version prior to V3.10), which could cause a possible denial of service when writing to specific memory addresses in the controller over Modbus.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Talos
id | TALOS-2019-0807 |
last seen | 2019-09-20 |
published | 2019-08-13 |
reporter | Talos Intelligence |
source | http://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0807 |
title | Schneider Electric Modicon M580 UMAS Function Code 0x29 Denial of Service Vulnerability |