High severity7.5NVD Advisory· Published Nov 20, 2019· Updated Jun 17, 2026
CVE-2019-6852
CVE-2019-6852
Description
A CWE-200: Information Exposure vulnerability exists in Modicon Controllers (M340 CPUs, M340 communication modules, Premium CPUs, Premium communication modules, Quantum CPUs, Quantum communication modules - see security notification for specific versions), which could cause the disclosure of FTP hardcoded credentials when using the Web server of the controller on an unsecure network.
Affected products
1- Schneider Electric/Modicon Controllers (M340 CPUs, M340 communication modules, Premium CPUs, Premium communication modules, Quantum CPUs, Quantum communication modules - see security notification for specific versions)v5Range: Modicon Controllers (M340 CPUs
Patches
Vulnerability mechanics
References
2- www.schneider-electric.com/ww/en/download/document/SEVD-2019-281-02/nvdNot ApplicableVendor Advisory
- www.se.com/ww/en/download/document/SEVD-2019-316-02%20/nvdVendor Advisory
News mentions
0No linked articles in our index yet.