cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2019-6851,https://securityvulnerability.io/vulnerability/CVE-2019-6851,Information Disclosure Vulnerability in Schneider Electric's Modicon Controllers,"An information disclosure vulnerability exists in Schneider Electric's Modicon M580, M340, Premium, and Quantum controllers across all firmware versions. This issue arises when the TFTP protocol is utilized, allowing unauthorized access to sensitive data stored within the controller. This exposure may lead to the leakage of file and directory information, which poses a significant security risk for users relying on these industrial control systems.",Schneider Electric,"Modicon M580, Modicon M340, Modicon Premium , Modicon Quantum (all Firmware Versions)",7.5,HIGH,0.0016799999866634607,false,,false,false,false,,,false,false,,2019-10-29T14:55:35.000Z,0
CVE-2019-6845,https://securityvulnerability.io/vulnerability/CVE-2019-6845,Cleartext Transmission Vulnerability in Modicon Products by Schneider Electric,"A vulnerability exists in the Modicon series of products by Schneider Electric, specifically affecting the Modicon M580, Modicon M340, Modicon Premium, and Modicon Quantum across all firmware versions. This vulnerability arises from the cleartext transmission of sensitive information during application transfers via the Modbus TCP protocol. Organizations using these products should assess their configurations and consider implementing measures to secure data in transit to prevent potential information disclosure.",Schneider Electric,"Modicon M580, Modicon M340, Modicon Premium , Modicon Quantum (all Firmware Versions)",7.5,HIGH,0.0016799999866634607,false,,false,false,false,,,false,false,,2019-10-29T14:49:49.000Z,0
CVE-2019-6819,https://securityvulnerability.io/vulnerability/CVE-2019-6819,Improper Condition Checks in Modicon Controllers by Schneider Electric,"An improper check for unusual or exceptional conditions in Schneider Electric’s Modicon controllers could allow an attacker to send specially crafted Modbus frames. This can lead to a denial of service by disrupting the normal operation of the controllers, affecting critical processes and operational reliability. Users are advised to review their firmware versions and upgrade to the latest releases to mitigate this risk.",Schneider Electric,"Modicon Controllers, Modicon M340 - Firmware Versions Prior To V3.01 Modicon M580 - Firmware Versions Prior To V2.80 All Firmware Versions Of Modicon Quantum And Modicon Premium",7.5,HIGH,0.001449999981559813,false,,false,false,false,,,false,false,,2019-05-22T19:45:08.000Z,0
CVE-2019-6821,https://securityvulnerability.io/vulnerability/CVE-2019-6821,Insufficient Randomness Vulnerability in Modicon Ethernet Communication by Schneider Electric,"The vulnerability involves the use of insufficiently random values, making it possible for attackers to hijack TCP connections over Ethernet communication. This flaw affects multiple Schneider Electric Modicon firmware versions, opening avenues for unauthorized access and potential control of network devices.",Schneider Electric,"Modicon Controllers, Modicon M580 Firmware Versions Prior To V2.30, And All Firmware Versions Of Modicon M340, Modicon Premium, Modicon Quantum",6.5,MEDIUM,0.0015300000086426735,false,,false,false,false,,,false,false,,2019-05-22T19:42:06.000Z,0