PT-2019-2284 · Schneider Electric · Modicon M580 +3

Published: 2019-05-14 · Updated: 2024-04-10 · CVE-2019-6819

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Modicon M340 versions prior to V3.01
Modicon M580 versions prior to V2.80
Modicon Quantum (all firmware versions)
Modicon Premium (all firmware versions)

Description

The controller performs an improper check for unusual or exceptional conditions, which could cause a Denial of Service when specific Modbus frames are sent to it. A remote attacker can trigger the condition by sending specially crafted Modbus packets to the controller.

Recommendations

For Modicon M340 versions prior to V3.01, update to firmware version V3.01 or later.
For Modicon M580 versions prior to V2.80, update to firmware version V2.80 or later.
For Modicon Quantum and Modicon Premium, since all firmware versions are affected, consider restricting access to the controller or implementing additional security measures to minimize the risk of exploitation until a fix is available.
As a temporary workaround, consider disabling the reception of Modbus frames from untrusted sources until a patch is available.

Fix

Weakness Enumeration

Improper Check for Exceptional Conditions

Related Identifiers

BDU:2019-02055
CVE-2019-6819

Affected Products

Modicon M340
Modicon M580
Modicon Premium
Modicon Quantum