cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2019-6851,https://securityvulnerability.io/vulnerability/CVE-2019-6851,Information Disclosure Vulnerability in Schneider Electric's Modicon Controllers,"An information disclosure vulnerability exists in Schneider Electric's Modicon M580, M340, Premium, and Quantum controllers across all firmware versions. This issue arises when the TFTP protocol is utilized, allowing unauthorized access to sensitive data stored within the controller. This exposure may lead to the leakage of file and directory information, which poses a significant security risk for users relying on these industrial control systems.",Schneider Electric,"Modicon M580, Modicon M340, Modicon Premium , Modicon Quantum (all Firmware Versions)",7.5,HIGH,0.0016799999866634607,false,,false,false,false,,,false,false,,2019-10-29T14:55:35.000Z,0
CVE-2019-6845,https://securityvulnerability.io/vulnerability/CVE-2019-6845,Cleartext Transmission Vulnerability in Modicon Products by Schneider Electric,"A vulnerability exists in the Modicon series of products by Schneider Electric, specifically affecting the Modicon M580, Modicon M340, Modicon Premium, and Modicon Quantum across all firmware versions. This vulnerability arises from the cleartext transmission of sensitive information during application transfers via the Modbus TCP protocol. Organizations using these products should assess their configurations and consider implementing measures to secure data in transit to prevent potential information disclosure.",Schneider Electric,"Modicon M580, Modicon M340, Modicon Premium , Modicon Quantum (all Firmware Versions)",7.5,HIGH,0.0016799999866634607,false,,false,false,false,,,false,false,,2019-10-29T14:49:49.000Z,0
CVE-2019-6816,https://securityvulnerability.io/vulnerability/CVE-2019-6816,Code Injection Vulnerability in Modicon Quantum by Schneider Electric,"A code injection vulnerability exists in all versions of the Modicon Quantum firmware developed by Schneider Electric. This vulnerability could allow an attacker to modify firmware without authorization when utilizing the Modbus protocol, potentially leading to unauthorized access and service interruptions. Mitigating this vulnerability is essential to maintain system integrity and operational continuity.",Schneider Electric,Modicon Quantum - All Firmware Versions,9.1,CRITICAL,0.001290000043809414,false,,false,false,false,,,false,false,,2019-05-22T19:54:08.000Z,0
CVE-2019-6815,https://securityvulnerability.io/vulnerability/CVE-2019-6815,Permissions and Access Control Vulnerability in Schneider Electric Modicon Quantum,"In Schneider Electric's Modicon Quantum PLCs, all firmware versions are susceptible to vulnerabilities in permissions and access control when using the Ethernet/IP protocol. These vulnerabilities can potentially result in unauthorized modifications to the PLC configuration, leading to service disruption and operational risks.",Schneider Electric,Modicon Quantum - All Firmware Versions,9.1,CRITICAL,0.000859999970998615,false,,false,false,false,,,false,false,,2019-05-22T19:52:28.000Z,0
CVE-2018-7788,https://securityvulnerability.io/vulnerability/CVE-2018-7788,Credentials Management Flaw in Modicon Quantum by Schneider Electric,"A credentials management vulnerability exists within the Modicon Quantum device that may result in a denial of service when utilizing a Telnet connection. This flaw is present in devices running firmware versions prior to V2.40, potentially allowing unauthorized access or disruption of service, underscoring the need for timely firmware updates and robust security measures.",Schneider Electric,Modicon Quantum With Firmware Versions Prior To V2.40.,6.5,MEDIUM,0.0008099999977275729,false,,false,false,false,,,false,false,,2019-05-22T19:50:21.000Z,0
CVE-2019-6819,https://securityvulnerability.io/vulnerability/CVE-2019-6819,Improper Condition Checks in Modicon Controllers by Schneider Electric,"An improper check for unusual or exceptional conditions in Schneider Electric’s Modicon controllers could allow an attacker to send specially crafted Modbus frames. This can lead to a denial of service by disrupting the normal operation of the controllers, affecting critical processes and operational reliability. Users are advised to review their firmware versions and upgrade to the latest releases to mitigate this risk.",Schneider Electric,"Modicon Controllers, Modicon M340 - Firmware Versions Prior To V3.01 Modicon M580 - Firmware Versions Prior To V2.80 All Firmware Versions Of Modicon Quantum And Modicon Premium",7.5,HIGH,0.001449999981559813,false,,false,false,false,,,false,false,,2019-05-22T19:45:08.000Z,0
CVE-2019-6821,https://securityvulnerability.io/vulnerability/CVE-2019-6821,Insufficient Randomness Vulnerability in Modicon Ethernet Communication by Schneider Electric,"The vulnerability involves the use of insufficiently random values, making it possible for attackers to hijack TCP connections over Ethernet communication. This flaw affects multiple Schneider Electric Modicon firmware versions, opening avenues for unauthorized access and potential control of network devices.",Schneider Electric,"Modicon Controllers, Modicon M580 Firmware Versions Prior To V2.30, And All Firmware Versions Of Modicon M340, Modicon Premium, Modicon Quantum",6.5,MEDIUM,0.0015300000086426735,false,,false,false,false,,,false,false,,2019-05-22T19:42:06.000Z,0