VYPR
High severity7.5NVD Advisory· Published Nov 20, 2019· Updated Jun 17, 2026

CVE-2019-6852

CVE-2019-6852

Description

A CWE-200: Information Exposure vulnerability exists in Modicon Controllers (M340 CPUs, M340 communication modules, Premium CPUs, Premium communication modules, Quantum CPUs, Quantum communication modules - see security notification for specific versions), which could cause the disclosure of FTP hardcoded credentials when using the Web server of the controller on an unsecure network.

Affected products

1
  • Schneider Electric/Modicon Controllers (M340 CPUs, M340 communication modules, Premium CPUs, Premium communication modules, Quantum CPUs, Quantum communication modules - see security notification for specific versions)v5
    Range: Modicon Controllers (M340 CPUs

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.