CVE-2019-6821
6.5MEDIUMCWE-330: Use of Insufficiently Random Values vulnerability, which could cause the hijacking of the TCP connection when using Ethernet communication in Modicon M580 firmware versions prior to V2.30, an
Published: 5/22/2019Updated: 11/21/2024
Description
CWE-330: Use of Insufficiently Random Values vulnerability, which could cause the hijacking of the TCP connection when using Ethernet communication in Modicon M580 firmware versions prior to V2.30, and all firmware versions of Modicon M340, Modicon Premium, Modicon Quantum.
AI AnalysisPowered by AI
Affected Products
schneider-electricmodicon_m580_firmware
schneider-electricmodicon_m580
-
schneider-electricmodicon_m340_firmware
schneider-electricmodicon_m340
-
schneider-electricmodicon_quantum_firmware
schneider-electricmodicon_quantum
-
schneider-electricmodicon_premium_firmware
schneider-electricmodicon_premium
-
References
- http://www.securityfocus.com/bid/108366Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-19-136-01Third Party AdvisoryUS Government Resource
- https://www.schneider-electric.com/en/download/document/SEVD-2019-134-03/PatchVendor Advisory
- http://www.securityfocus.com/bid/108366Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-19-136-01Third Party AdvisoryUS Government Resource
- https://www.schneider-electric.com/en/download/document/SEVD-2019-134-03/PatchVendor Advisory