VYPR

Modicon Quantum Plc

by Schneider Electric

CVEs (46)

  • CVE-2018-7850May 22, 2019
    risk 0.00cvss epss 0.02

    A CWE-807: Reliance on Untrusted Inputs in a Security Decision vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause invalid information displayed in Unity Pro software.

  • CVE-2019-6816May 22, 2019
    risk 0.00cvss epss 0.01

    In Modicon Quantum all firmware versions, a CWE-94: Code Injection vulnerability could cause an unauthorized firmware modification with possible Denial of Service when using Modbus protocol.

  • CVE-2019-6815May 22, 2019
    risk 0.00cvss epss 0.01

    In Modicon Quantum all firmware versions, CWE-264: Permissions, Privileges, and Access Control vulnerabilities could cause a denial of service or unauthorized modifications of the PLC configuration when using Ethernet/IP protocol.

  • CVE-2018-7788May 22, 2019
    risk 0.00cvss epss 0.01

    A CWE-255 Credentials Management vulnerability exists in Modicon Quantum with firmware versions prior to V2.40. which could cause a Denial Of Service when using a Telnet connection.

  • CVE-2019-6821May 22, 2019
    risk 0.00cvss epss 0.02

    CWE-330: Use of Insufficiently Random Values vulnerability, which could cause the hijacking of the TCP connection when using Ethernet communication in Modicon M580 firmware versions prior to V2.30, and all firmware versions of Modicon M340, Modicon Premium, Modicon Quantum.

  • CVE-2013-0664Apr 4, 2013
    risk 0.00cvss epss 0.04

    The FactoryCast service on the Schneider Electric Quantum 140NOE77111 and 140NWM10000, M340 BMXNOE0110x, and Premium TSXETY5103 PLC modules allows remote authenticated users to send Modbus messages, and consequently execute arbitrary code, by embedding these messages in SOAP…

Page 3 of 3