VIR Vulnerability Intelligence Relay

CVE-2019-6819

high
Published 2019-05-22 ยท Modified 2026-05-29
๐Ÿ’ฌ Discuss on Community โœš Propose mitigation
CVSS v3
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS v4 NEW
โ€”
not yet in upstream
VIR risk
7.5

Description

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists which could cause a possible Denial of Service when specific Modbus frames are sent to the controller in the products: Modicon M340 - firmware versions prior to V3.01, Modicon M580 - firmware versions prior to V2.80, All firmware versions of Modicon Quantum and Modicon Premium.

Predictions

Exploit likelihood
83%
Patch ETA
โ€”

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No mitigations published for this CVE yet.

The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ€” if you've already worked around this in production โ€” publish your fix to the community-verified tier.

โœš Propose a mitigation on Community โ†’ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here with source_tier=community-verified.

Application impact
VendorProductVersionsFixed
schneider-electricmodicon_m340_bmxp341000-
schneider-electricmodicon_m340_bmxp341000h-
schneider-electricmodicon_m340_bmxp342000-
schneider-electricmodicon_m340_bmxp3420102-
schneider-electricmodicon_m340_bmxp3420102cl-
schneider-electricmodicon_m340_bmxp342020-
schneider-electricmodicon_m340_bmxp342020h-
schneider-electricmodicon_m340_bmxp3420302-
schneider-electricmodicon_m340_bmxp3420302cl-
schneider-electricmodicon_m340_bmxp3420302h-
schneider-electricbmeh582040-
schneider-electricbmeh582040c-
schneider-electricbmeh584040-
schneider-electricbmeh584040c-
schneider-electricbmeh586040-
schneider-electricbmeh586040c-
schneider-electricmodicon_m580_bmep581020-
schneider-electricmodicon_m580_bmep581020h-
schneider-electricmodicon_m580_bmep582020-
schneider-electricmodicon_m580_bmep582020h-
schneider-electricmodicon_m580_bmep582040-
schneider-electricmodicon_m580_bmep582040h-
schneider-electricmodicon_m580_bmep582040s-
schneider-electricmodicon_m580_bmep583020-
schneider-electricmodicon_m580_bmep583040-
schneider-electricmodicon_m580_bmep584020-
schneider-electricmodicon_m580_bmep584040-
schneider-electricmodicon_m580_bmep584040s-
schneider-electricmodicon_m580_bmep585040-
schneider-electricmodicon_m580_bmep585040c-
schneider-electricmodicon_m580_bmep586040-
schneider-electricmodicon_m580_bmep586040c-
schneider-electricmodicon_quantum-
schneider-electricmodicon_premium-

References

CWEs

CWE-754

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.