CVE-2019-6806

High

7.5/10

Summary

A CWE-200: Information Exposure vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause the disclosure of SNMP information when reading variables in the controller using Modbus.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: NONE

References

Advisory Timeline

Published May 22, 2019

CVE-2019-6806

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS