CVE-2019-6828
First published: Tue Sep 17 2019(Updated: )
A CWE-248: Uncaught Exception vulnerability exists Modicon M580 (firmware version prior to V2.90), Modicon M340 (firmware version prior to V3.10), Modicon Premium (all versions), and Modicon Quantum (all versions), which could cause a possible denial of service when reading specific coils and registers in the controller over Modbus.
Credit: cybersecurity@se.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Schneider-electric Modicon M580 Firmware | <2.90 | |
| Schneider-electric Modicon M580 | ||
| Schneider-electric Modicon M340 Firmware | <3.10 | |
| Schneider-electric Modicon M340 | ||
| Schneider-electric Modicon Premium Firmware | ||
| Schneider-electric Modicon Premium | ||
| Schneider-electric Modicon Quantum Firmware | ||
| Schneider-electric Modicon Quantum |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2019-6828?
The severity of CVE-2019-6828 is high (7.5).
Which products are affected by CVE-2019-6828?
Modicon M580 (firmware version prior to V2.90), Modicon M340 (firmware version prior to V3.10), Modicon Premium (all versions), and Modicon Quantum (all versions) are affected by CVE-2019-6828.
What is the vulnerability description of CVE-2019-6828?
CVE-2019-6828 is a CWE-248: Uncaught Exception vulnerability that could cause a possible denial of service when reading specific coils and registers.
How can I fix CVE-2019-6828?
To fix CVE-2019-6828, update the firmware of Modicon M580 to version V2.90 or higher, and Modicon M340 to version V3.10 or higher.
Where can I find more information about CVE-2019-6828?
More information about CVE-2019-6828 can be found at the following link: [CVE-2019-6828](https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/).
- collector/nvd-index
- agent/weakness
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/references
- agent/severity
- agent/tags
- agent/description
- agent/type
- agent/event
- agent/first-publish-date
- vendor/schneider-electric
- canonical/schneider-electric modicon m580 firmware
- canonical/schneider-electric modicon m580
- canonical/schneider-electric modicon m340 firmware
- canonical/schneider-electric modicon m340
- canonical/schneider-electric modicon premium firmware
- canonical/schneider-electric modicon premium
- canonical/schneider-electric modicon quantum firmware
- canonical/schneider-electric modicon quantum