CVE-2019-6850
Last modified
CVE-2019-6850 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. A CWE-200: Information Exposure vulnerability exists in Modicon M580, Modicon BMENOC 0311, and Modicon BMENOC 0321, which could cause the disclosure of sensitive information when reading specific registers with the REST API of the controller/communication module.. EPSS estimates a 1.71% chance of exploitation in the next 30 days.
Description
A CWE-200: Information Exposure vulnerability exists in Modicon M580, Modicon BMENOC 0311, and Modicon BMENOC 0321, which could cause the disclosure of sensitive information when reading specific registers with the REST API of the controller/communication module.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Schneider-Electric | Modicon M580 Firmware | All versions |
| Schneider-Electric | Modicon Bmenoc 0311 Firmware | All versions |
| Schneider-Electric | Modicon Bmenoc 0321 Firmware | All versions |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2019-6850?
How severe is CVE-2019-6850?
How do I fix CVE-2019-6850?
Are you affected by CVE-2019-6850?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST