CVE-2019-6845
First published: Tue Oct 29 2019(Updated: )
A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists in Modicon M580, Modicon M340, Modicon Premium , Modicon Quantum (all firmware versions), which could cause the disclosure of information when transferring applications to the controller using Modbus TCP protocol.
Credit: cybersecurity@se.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Schneider-electric Modicon M580 Firmware | ||
| Schneider-electric Modicon M580 | ||
| Schneider-electric Modicon M340 Firmware | ||
| Schneider-electric Modicon M340 | ||
| Schneider-electric Tsxmcpc002m Firmware | ||
| Schneider-electric Tsxmcpc002m | ||
| Schneider-electric Tsxmcpc512k Firmware | ||
| Schneider-electric Tsxmcpc512k | ||
| Schneider-electric Tsxmfpp001m Firmware | ||
| Schneider-electric Tsxmfpp001m | ||
| Schneider-electric Tsxmfpp002m Firmware | ||
| Schneider-electric Tsxmfpp002m | ||
| Schneider-electric Tsxmfpp004m Firmware | ||
| Schneider-electric Tsxmfpp004m | ||
| Schneider-electric Tsxmfpp512k Firmware | ||
| Schneider-electric Tsxmfpp512k | ||
| Schneider-electric Tsxmrpc001m Firmware | ||
| Schneider-electric Tsxmrpc001m | ||
| Schneider-electric Tsxmrpc002m Firmware | ||
| Schneider-electric Tsxmrpc002m | ||
| Schneider-electric Tsxmrpc003m Firmware | ||
| Schneider-electric Tsxmrpc003m | ||
| Schneider-electric Tsxmrpc007m Firmware | ||
| Schneider-electric Tsxmrpc007m | ||
| Schneider-electric Tsxmrpc01m7 Firmware | ||
| Schneider-electric Tsxmrpc01m7 | ||
| Schneider-electric Tsxmrpc768k Firmware | ||
| Schneider-electric Tsxmrpc768k | ||
| Schneider-electric Tsxmrpf004m Firmware | ||
| Schneider-electric Tsxmrpf004m | ||
| Schneider-electric Tsxmrpf008m Firmware | ||
| Schneider-electric Tsxmrpf008m | ||
| Schneider-electric Tsxmfp0128p2 Firmware | ||
| Schneider-electric Tsxmfp0128p2 | ||
| Schneider-electric Tsxmfp064p2 Firmware | ||
| Schneider-electric Tsxmfp064p2 | ||
| Schneider-electric Tsxmfpp224k Firmware | ||
| Schneider-electric Tsxmfpp224k | ||
| Schneider-electric Tsxmfpp384k Firmware | ||
| Schneider-electric Tsxmfpp384k | ||
| Schneider-electric Tsxmrpc448k Firmware | ||
| Schneider-electric Tsxmrpc448k | ||
| Schneider-electric Tsxmrpp224k Firmware | ||
| Schneider-electric Tsxmrpp224k | ||
| Schneider-electric Tsxmrpp384k Firmware | ||
| Schneider-electric Tsxmrpp384k |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2019-6845.
What is the severity level of CVE-2019-6845?
CVE-2019-6845 has a severity level of 7.5 (high).
What is the affected software for CVE-2019-6845?
The affected software for CVE-2019-6845 includes Modicon M580, Modicon M340, Modicon Premium, and Modicon Quantum (all firmware versions).
How can this vulnerability be exploited?
This vulnerability can be exploited by transferring applications to the controller using the Modbus TCP protocol.
How can I fix CVE-2019-6845?
To fix CVE-2019-6845, apply the necessary patch or firmware update provided by Schneider Electric.
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/tags
- agent/event
- agent/type
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/schneider-electric
- canonical/schneider-electric modicon m580 firmware
- canonical/schneider-electric modicon m580
- canonical/schneider-electric modicon m340 firmware
- canonical/schneider-electric modicon m340
- canonical/schneider-electric tsxmcpc002m firmware
- canonical/schneider-electric tsxmcpc002m
- canonical/schneider-electric tsxmcpc512k firmware
- canonical/schneider-electric tsxmcpc512k
- canonical/schneider-electric tsxmfpp001m firmware
- canonical/schneider-electric tsxmfpp001m
- canonical/schneider-electric tsxmfpp002m firmware
- canonical/schneider-electric tsxmfpp002m
- canonical/schneider-electric tsxmfpp004m firmware
- canonical/schneider-electric tsxmfpp004m
- canonical/schneider-electric tsxmfpp512k firmware
- canonical/schneider-electric tsxmfpp512k
- canonical/schneider-electric tsxmrpc001m firmware
- canonical/schneider-electric tsxmrpc001m
- canonical/schneider-electric tsxmrpc002m firmware
- canonical/schneider-electric tsxmrpc002m
- canonical/schneider-electric tsxmrpc003m firmware
- canonical/schneider-electric tsxmrpc003m
- canonical/schneider-electric tsxmrpc007m firmware
- canonical/schneider-electric tsxmrpc007m
- canonical/schneider-electric tsxmrpc01m7 firmware
- canonical/schneider-electric tsxmrpc01m7
- canonical/schneider-electric tsxmrpc768k firmware
- canonical/schneider-electric tsxmrpc768k
- canonical/schneider-electric tsxmrpf004m firmware
- canonical/schneider-electric tsxmrpf004m
- canonical/schneider-electric tsxmrpf008m firmware
- canonical/schneider-electric tsxmrpf008m
- canonical/schneider-electric tsxmfp0128p2 firmware
- canonical/schneider-electric tsxmfp0128p2
- canonical/schneider-electric tsxmfp064p2 firmware
- canonical/schneider-electric tsxmfp064p2
- canonical/schneider-electric tsxmfpp224k firmware
- canonical/schneider-electric tsxmfpp224k
- canonical/schneider-electric tsxmfpp384k firmware
- canonical/schneider-electric tsxmfpp384k
- canonical/schneider-electric tsxmrpc448k firmware
- canonical/schneider-electric tsxmrpc448k
- canonical/schneider-electric tsxmrpp224k firmware
- canonical/schneider-electric tsxmrpp224k
- canonical/schneider-electric tsxmrpp384k firmware
- canonical/schneider-electric tsxmrpp384k