Vyacheslav Moskvin And Ivan Kurnakov

**Name of the Vulnerable Software and Affected Versions** Modicon Quantum all firmware versions **Description** The issue is related to errors in access control mechanisms, which could allow a remote attacker to cause a denial of service or make unauthorized modifications to the PLC configuration when using the Ethernet/IP protocol. The vulnerability is associated with permissions, privileges, and access control flaws. **Recommendations** For all firmware versions, consider restricting access to the Ethernet/IP protocol until a patch is available. As a temporary workaround, limit the privileges of users who can modify the PLC configuration to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Modicon Quantum (affected versions not specified) **Description** The issue is related to errors in code generation management, specifically a code injection vulnerability. This could allow a remote attacker to unauthorizedly modify the embedded software and cause a denial of service using the Modbus protocol. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.