PT-2020-11217 · Schneider Electric · Modicon M580+3
Published
2020-01-06
·
Updated
2026-05-29
·
CVE-2019-6857
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Modicon M580 (affected versions not specified)
Modicon M340 (affected versions not specified)
Modicon Quantum (affected versions not specified)
Modicon Premium (affected versions not specified)
Description
A vulnerability exists that could cause a Denial of Service of the controller when reading specific memory blocks using Modbus TCP. This issue is related to improper checks for unusual or exceptional conditions.
Recommendations
For Modicon M580, refer to the security notification for specific guidance on resolving the issue.
For Modicon M340, refer to the security notification for specific guidance on resolving the issue.
For Modicon Quantum, refer to the security notification for specific guidance on resolving the issue.
For Modicon Premium, refer to the security notification for specific guidance on resolving the issue.
As a temporary workaround, consider restricting access to Modbus TCP to minimize the risk of exploitation.
Fix
DoS
Improper Check for Exceptional Conditions
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Modicon M340
Modicon M580
Modicon Premium
Modicon Quantum