Skip to main content

Modicon Quantum Firmware

10 CVEs product

Monthly

CVE-2019-6828 HIGH This Week

A CWE-248: Uncaught Exception vulnerability exists Modicon M580 (firmware version prior to V2.90), Modicon M340 (firmware version prior to V3.10), Modicon Premium (all versions), and Modicon Quantum. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Modicon M580 Firmware Modicon M340 Firmware Modicon Premium Firmware Modicon Quantum Firmware
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2019-6809 HIGH This Week

A CWE-248: Uncaught Exception vulnerability exists in Modicon M580 (firmware versions prior to V2.90), Modicon M340 (firmware versions prior to V3.10), Modicon Premium (all versions), Modicon Quantum. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Modicon M580 Firmware Modicon M340 Firmware Modicon Premium Firmware Modicon Quantum Firmware
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2019-6808 CRITICAL POC Act Now

A CWE-284: Improper Access Control vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a remote code execution by. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass RCE Modicon Premium Firmware Modicon Quantum Firmware Modicon M340 Firmware +1
NVD
CVSS 3.1
9.8
EPSS
8.2%
CVE-2019-6807 HIGH POC This Week

A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a possible denial of service when writing. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Modicon Premium Firmware Modicon Quantum Firmware Modicon M340 Firmware Modicon M580 Firmware
NVD
CVSS 3.1
7.5
EPSS
2.2%
CVE-2019-6806 HIGH POC This Week

A CWE-200: Information Exposure vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause the disclosure of SNMP information when. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Modicon Premium Firmware Modicon Quantum Firmware Modicon M340 Firmware Modicon M580 Firmware
NVD
CVSS 3.1
7.5
EPSS
2.3%
CVE-2019-6821 MEDIUM PATCH This Month

30, and all firmware versions of Modicon M340, Modicon Premium, Modicon Quantum. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Modicon M580 Firmware Modicon M340 Firmware Modicon Quantum Firmware Modicon Premium Firmware
NVD
CVSS 3.1
6.5
EPSS
1.9%
CVE-2019-6819 HIGH This Week

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists which could cause a possible Denial of Service when specific Modbus frames are sent to the controller in the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Modicon M340 Firmware Modicon M580 Firmware Modicon Quantum Firmware Modicon Premium Firmware
NVD VulDB
CVSS 3.1
7.5
EPSS
0.5%
CVE-2019-6816 CRITICAL Act Now

In Modicon Quantum all firmware versions, a CWE-94: Code Injection vulnerability could cause an unauthorized firmware modification with possible Denial of Service when using Modbus protocol. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection Denial Of Service RCE Modicon Quantum Firmware
NVD
CVSS 3.0
9.1
EPSS
1.5%
CVE-2019-6815 CRITICAL Act Now

In Modicon Quantum all firmware versions, CWE-264: Permissions, Privileges, and Access Control vulnerabilities could cause a denial of service or unauthorized modifications of the PLC configuration. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Modicon Quantum Firmware
NVD
CVSS 3.0
9.1
EPSS
1.4%
CVE-2018-7852 HIGH POC THREAT Act Now

A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause denial of service when an invalid private. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 12.9%.

Denial Of Service Modicon M580 Firmware Modicon M340 Firmware Modicon Quantum Firmware Modicon Premium Firmware
NVD VulDB
CVSS 3.1
7.5
EPSS
12.9%
EPSS 2% CVSS 7.5
HIGH This Week

A CWE-248: Uncaught Exception vulnerability exists Modicon M580 (firmware version prior to V2.90), Modicon M340 (firmware version prior to V3.10), Modicon Premium (all versions), and Modicon Quantum. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Modicon M580 Firmware Modicon M340 Firmware +2
NVD
EPSS 2% CVSS 7.5
HIGH This Week

A CWE-248: Uncaught Exception vulnerability exists in Modicon M580 (firmware versions prior to V2.90), Modicon M340 (firmware versions prior to V3.10), Modicon Premium (all versions), Modicon Quantum. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Modicon M580 Firmware Modicon M340 Firmware +2
NVD
EPSS 8% CVSS 9.8
CRITICAL POC Act Now

A CWE-284: Improper Access Control vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a remote code execution by. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass RCE Modicon Premium Firmware +3
NVD
EPSS 2% CVSS 7.5
HIGH POC This Week

A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a possible denial of service when writing. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Modicon Premium Firmware Modicon Quantum Firmware +2
NVD
EPSS 2% CVSS 7.5
HIGH POC This Week

A CWE-200: Information Exposure vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause the disclosure of SNMP information when. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Modicon Premium Firmware Modicon Quantum Firmware +2
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

30, and all firmware versions of Modicon M340, Modicon Premium, Modicon Quantum. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Modicon M580 Firmware Modicon M340 Firmware +2
NVD
EPSS 0% CVSS 7.5
HIGH This Week

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists which could cause a possible Denial of Service when specific Modbus frames are sent to the controller in the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Modicon M340 Firmware Modicon M580 Firmware +2
NVD VulDB
EPSS 1% CVSS 9.1
CRITICAL Act Now

In Modicon Quantum all firmware versions, a CWE-94: Code Injection vulnerability could cause an unauthorized firmware modification with possible Denial of Service when using Modbus protocol. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection Denial Of Service RCE +1
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

In Modicon Quantum all firmware versions, CWE-264: Permissions, Privileges, and Access Control vulnerabilities could cause a denial of service or unauthorized modifications of the PLC configuration. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Modicon Quantum Firmware
NVD
EPSS 13% CVSS 7.5
HIGH POC THREAT Act Now

A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause denial of service when an invalid private. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 12.9%.

Denial Of Service Modicon M580 Firmware Modicon M340 Firmware +2
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy