Information Exposure in Modicon M580 and Communication Modules by Schneider Electric
CVE-2019-6850
7.5HIGH
Key Information:
- Vendor
Schneider Electric
- Vendor
- CVE Published:
- 29 October 2019
What is CVE-2019-6850?
A vulnerability exists in specific models of Modicon controllers and communication modules, which allows unauthorized access to sensitive information through the REST API. This may lead to the unintended disclosure of critical data when specific registers are accessed. Users of the affected versions should assess their systems and implement appropriate security measures to mitigate potential risks.
Affected Version(s)
Modicon M580, Modicon BMENOC 0311, Modicon BMENOC 0321 Modicon M580, Modicon BMENOC 0311, Modicon BMENOC 0321