ByteOS Network

NVD Vulnerability Details :

CVE-2019-6811

Analyzed

Source-cybersecurity@se.com

Published At-17 Sep, 2019 | 20:15

Updated At-30 Nov, 2022 | 21:47

An Improper Check for Unusual or Exceptional Conditions (CWE-754) vulnerability exists in Modicon Quantum 140 NOE771x1 version 6.9 and earlier, which could cause denial of service when the module receives an IP fragmented packet with a length greater than 65535 bytes. The module then requires a power cycle to recover.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary	2.0	5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:N/A:P

CPE Matches

Schneider Electric SE

>>modicon_quantum_140noe77101_firmware>>Versions up to 6.9(inclusive)

cpe:2.3:o:schneider-electric:modicon_quantum_140noe77101_firmware:*:*:*:*:*:*:*:*

Schneider Electric SE

>>modicon_quantum_140noe77101>>-

cpe:2.3:h:schneider-electric:modicon_quantum_140noe77101:-:*:*:*:*:*:*:*

Schneider Electric SE

>>modicon_quantum_140noe77111_firmware>>Versions up to 6.9(inclusive)

cpe:2.3:o:schneider-electric:modicon_quantum_140noe77111_firmware:*:*:*:*:*:*:*:*

Schneider Electric SE

>>modicon_quantum_140noe77111>>-

cpe:2.3:h:schneider-electric:modicon_quantum_140noe77111:-:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-754	Primary	nvd@nist.gov
CWE-754	Secondary	cybersecurity@se.com

References

Hyperlink	Source	Resource
https://www.schneider-electric.com/en/download/document/SEVD-2019-253-02/	cybersecurity@se.com	Vendor Advisory

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History