Vulnerabilities > Schneider Electric > Modicon Quantum Firmware > 2.40

DATE	CVE	VULNERABILITY TITLE	RISK
2019-05-22	CVE-2019-6808	Missing Authentication for Critical Function vulnerability in Schneider-Electric products A CWE-284: Improper Access Control vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a remote code execution by overwriting configuration settings of the controller over Modbus. network low complexity schneider-electric CWE-306 critical	9.8
2019-05-22	CVE-2018-7857	Improper Check for Unusual or Exceptional Conditions vulnerability in Schneider-Electric products A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a possible Denial of Service when writing out of bounds variables to the controller over Modbus. network low complexity schneider-electric CWE-754	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.