CVE-2019-6811

Name of the Vulnerable Software and Affected Versions Modicon Quantum 140 NOE771x1 versions 6.9 and earlier

Description The issue is related to an Improper Check for Unusual or Exceptional Conditions, which could cause denial of service when the module receives an IP fragmented packet with a length greater than 65535 bytes. The module then requires a power cycle to recover. This could allow a remote attacker to cause a denial of service.

Recommendations For Modicon Quantum 140 NOE771x1 versions 6.9 and earlier, consider implementing network traffic filtering to block IP fragmented packets with a length greater than 65535 bytes as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.