← back
CVE-2019-6844

CVE-2019-6844

EPSS 1.0%CWE-755
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 1.0%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
29 Oct 2019Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA and 140CRA modules (all firmware versions), which could cause a Denial of Service atack on the PLC when upgrading the controller with a firmware package containing an invalid web server image using FTP protocol.
Affected products
n/a · Modicon M580, Modicon M340, and Modicon BMxCRA / 140CRA modules (see notification for version info)

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.se.com/ww/en/download/document/SEVD-2019-281-02/