← back
CVE-2019-6821

CVE-2019-6821

EPSS 1.9%CWE-330
CWE-330: Use of Insufficiently Random Values vulnerability, which could cause the hijacking of the TCP connection when using Ethernet communication in Modicon M580 firmware versions prior to V2.30, and all firmware versions of Modicon M340, Modicon Premium, Modicon Quantum.
Affected products
n/a · Modicon Controllers, Modicon M580 firmware versions prior to V2.30, and all firmware versions of Modicon M340, Modicon Premium, Modicon Quantum

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://ics-cert.us-cert.gov/advisories/ICSA-19-136-01https://www.schneider-electric.com/en/download/document/SEVD-2019-134-03/http://www.securityfocus.com/bid/108366