CVE-2019-6831

Published: Sep 17, 2019Modified: Nov 21, 2024

8.6

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 4.0

Source: NVD

Description

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in BMXNOR0200H Ethernet / Serial RTU module (all firmware versions), which could cause disconnection of active connections when an unusually high number of IEC 60870- 5-104 packets are received by the module on port 2404/TCP.

Affected (1)

Products: Schneider Electric: Bmxnor0200h Firmware

Schneider Electric

1 product

Bmxnor0200h Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Bmxnor0200h Firmware	All versions

Running on/with	Platform Versions
Schneider Electric Bmxnor0200h	All versions

Related CWEs

Improper Check for Unusual or Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

References (4)

https://security.cse.iitk.ac.in/responsible-disclosure

Source: cybersecurity@se.com

Broken Link

https://www.schneider-electric.com/en/download/document/SEVD-2019-225-03/

Source: cybersecurity@se.com

Vendor Advisory

https://security.cse.iitk.ac.in/responsible-disclosure

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

https://www.schneider-electric.com/en/download/document/SEVD-2019-225-03/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.