First published: Tue Sep 17 2019(Updated: )
An Improper Check for Unusual or Exceptional Conditions (CWE-754) vulnerability exists in Modicon Quantum 140 NOE771x1 version 6.9 and earlier, which could cause denial of service when the module receives an IP fragmented packet with a length greater than 65535 bytes. The module then requires a power cycle to recover.
Credit: cybersecurity@se.com
Affected Software | Affected Version | How to fix |
---|---|---|
Schneider-electric Modicon Quantum 140noe77101 Firmware | <=6.9 | |
Schneider-electric Modicon Quantum 140noe77101 | ||
Schneider-electric Modicon Quantum 140noe77111 Firmware | <=6.9 | |
Schneider-electric Modicon Quantum 140noe77111 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-6811 is an Improper Check for Unusual or Exceptional Conditions (CWE-754) vulnerability that exists in Modicon Quantum 140 NOE771x1 version 6.9 and earlier.
The severity of CVE-2019-6811 is high with a severity value of 7.5.
Modicon Quantum 140 NOE771x1 version 6.9 and earlier are affected by CVE-2019-6811.
CVE-2019-6811 can be exploited by sending an IP fragmented packet with a length greater than 65535 bytes to the module.
Yes, an update to Modicon Quantum 140 NOE771x1 firmware to a version that is later than 6.9 is available to fix CVE-2019-6811.