CVE-2019-6811

Published: Sep 17, 2019Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

An Improper Check for Unusual or Exceptional Conditions (CWE-754) vulnerability exists in Modicon Quantum 140 NOE771x1 version 6.9 and earlier, which could cause denial of service when the module receives an IP fragmented packet with a length greater than 65535 bytes. The module then requires a power cycle to recover.

Affected (2)

Products: Schneider Electric: Modicon Quantum 140noe77101 Firmware, Modicon Quantum 140noe77111 Firmware

Schneider Electric

2 products

Modicon Quantum 140noe77101 Firmware

Modicon Quantum 140noe77111 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Modicon Quantum 140noe77101 Firmware	Up to 6.9

Running on/with	Platform Versions
Schneider Electric Modicon Quantum 140noe77101	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Modicon Quantum 140noe77111 Firmware	Up to 6.9

Running on/with	Platform Versions
Schneider Electric Modicon Quantum 140noe77111	All versions

Related CWEs

Improper Check for Unusual or Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

References (2)

https://www.schneider-electric.com/en/download/document/SEVD-2019-253-02/

Source: cybersecurity@se.com

Vendor Advisory

https://www.schneider-electric.com/en/download/document/SEVD-2019-253-02/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.