VYPR

Quantum

by Modicon

CVEs (4)

  • CVE-2019-6816CriMay 22, 2019
    risk 0.59cvss 9.1epss 0.01

    In Modicon Quantum all firmware versions, a CWE-94: Code Injection vulnerability could cause an unauthorized firmware modification with possible Denial of Service when using Modbus protocol.

  • CVE-2019-6815CriMay 22, 2019
    risk 0.59cvss 9.1epss 0.01

    In Modicon Quantum all firmware versions, CWE-264: Permissions, Privileges, and Access Control vulnerabilities could cause a denial of service or unauthorized modifications of the PLC configuration when using Ethernet/IP protocol.

  • CVE-2018-7830HigNov 30, 2018
    risk 0.49cvss 7.5epss 0.02

    Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 where a denial of service can occur for ~1 minute by sending a specially crafted HTTP…

  • CVE-2018-7788MedMay 22, 2019
    risk 0.42cvss 6.5epss 0.01

    A CWE-255 Credentials Management vulnerability exists in Modicon Quantum with firmware versions prior to V2.40. which could cause a Denial Of Service when using a Telnet connection.