Vulnerability Details CVE-2019-6851
A CWE-538: File and Directory Information Exposure vulnerability exists in Modicon M580, Modicon M340, Modicon Premium , Modicon Quantum (all firmware versions), which could cause the disclosure of information from the controller when using TFTP protocol.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 62.2%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2019-6851
-
cpe:2.3:h:schneider-electric:modicon_m340:-
-
cpe:2.3:h:schneider-electric:modicon_m580:-
-
cpe:2.3:h:schneider-electric:tsxmcpc002m:-
-
cpe:2.3:h:schneider-electric:tsxmcpc512k:-
-
cpe:2.3:h:schneider-electric:tsxmfp0128p2:-
-
cpe:2.3:h:schneider-electric:tsxmfp064p2:-
-
cpe:2.3:h:schneider-electric:tsxmfpp001m:-
-
cpe:2.3:h:schneider-electric:tsxmfpp002m:-
-
cpe:2.3:h:schneider-electric:tsxmfpp004m:-
-
cpe:2.3:h:schneider-electric:tsxmfpp224k:-
-
cpe:2.3:h:schneider-electric:tsxmfpp384k:-
-
cpe:2.3:h:schneider-electric:tsxmfpp512k:-
-
cpe:2.3:h:schneider-electric:tsxmrpc001m:-
-
cpe:2.3:h:schneider-electric:tsxmrpc002m:-
-
cpe:2.3:h:schneider-electric:tsxmrpc003m:-
-
cpe:2.3:h:schneider-electric:tsxmrpc007m:-
-
cpe:2.3:h:schneider-electric:tsxmrpc01m7:-
-
cpe:2.3:h:schneider-electric:tsxmrpc448k:-
-
cpe:2.3:h:schneider-electric:tsxmrpc768k:-
-
cpe:2.3:h:schneider-electric:tsxmrpf004m:-
-
cpe:2.3:h:schneider-electric:tsxmrpf008m:-
-
cpe:2.3:h:schneider-electric:tsxmrpp224k:-
-
cpe:2.3:h:schneider-electric:tsxmrpp384k:-
-
cpe:2.3:o:schneider-electric:modicon_m340_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m340_firmware:3.01
-
cpe:2.3:o:schneider-electric:modicon_m340_firmware:3.10
-
cpe:2.3:o:schneider-electric:modicon_m340_firmware:3.20
-
cpe:2.3:o:schneider-electric:modicon_m580_firmware:-
-
cpe:2.3:o:schneider-electric:modicon_m580_firmware:2.10
-
cpe:2.3:o:schneider-electric:modicon_m580_firmware:2.12
-
cpe:2.3:o:schneider-electric:modicon_m580_firmware:2.30
-
cpe:2.3:o:schneider-electric:modicon_m580_firmware:2.41
-
cpe:2.3:o:schneider-electric:modicon_m580_firmware:2.80
-
cpe:2.3:o:schneider-electric:modicon_m580_firmware:2.90
-
cpe:2.3:o:schneider-electric:modicon_m580_firmware:3.10
-
cpe:2.3:o:schneider-electric:tsxmcpc002m_firmware:-
-
cpe:2.3:o:schneider-electric:tsxmcpc512k_firmware:-
-
cpe:2.3:o:schneider-electric:tsxmfp0128p2_firmware:-
-
cpe:2.3:o:schneider-electric:tsxmfp064p2_firmware:-
-
cpe:2.3:o:schneider-electric:tsxmfpp001m_firmware:-
-
cpe:2.3:o:schneider-electric:tsxmfpp002m_firmware:-
-
cpe:2.3:o:schneider-electric:tsxmfpp004m_firmware:-
-
cpe:2.3:o:schneider-electric:tsxmfpp224k_firmware:-
-
cpe:2.3:o:schneider-electric:tsxmfpp384k_firmware:-
-
cpe:2.3:o:schneider-electric:tsxmfpp512k_firmware:-
-
cpe:2.3:o:schneider-electric:tsxmrpc001m_firmware:-
-
cpe:2.3:o:schneider-electric:tsxmrpc002m_firmware:-
-
cpe:2.3:o:schneider-electric:tsxmrpc003m_firmware:-
-
cpe:2.3:o:schneider-electric:tsxmrpc007m_firmware:-
-
cpe:2.3:o:schneider-electric:tsxmrpc01m7_firmware:-
-
cpe:2.3:o:schneider-electric:tsxmrpc448k_firmware:-
-
cpe:2.3:o:schneider-electric:tsxmrpc768k_firmware:-
-
cpe:2.3:o:schneider-electric:tsxmrpf004m_firmware:-
-
cpe:2.3:o:schneider-electric:tsxmrpf008m_firmware:-
-
cpe:2.3:o:schneider-electric:tsxmrpp224k_firmware:-
-
cpe:2.3:o:schneider-electric:tsxmrpp384k_firmware:-