CVE-2019-6820

moderate-risk
Published 2019-05-22

A CWE-306: Missing Authentication for Critical Function vulnerability exists which could cause a modification of the device IP configuration (IP address, network mask and gateway IP address) when a specific Ethernet frame is received, in all versions of: Modicon M100, Modicon M200, Modicon M221, ATV IMC drive controller, Modicon M241, Modicon M251, Modicon M258, Modicon LMC058, Modicon LMC078, PacDrive Eco, PacDrive Pro, PacDrive Pro2.

Do I need to act?

0.30% chance of exploitation
EPSS score — low exploit probability
Not on CISA KEV list
No confirmed active exploitation reported to CISA
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
CVSS 8.2/10 High
NETWORK / LOW complexity

Affected Products (12)

Modicon M100 Firmware
Modicon M200 Firmware
Modicon M221 Firmware
ATV IMC Drive Controller Firmware
Modicon M241 Firmware
Modicon M251 Firmware
Modicon M258 Firmware
Modicon LMC058 Firmware
Modicon LMC078 Firmware
PacDrive Eco Firmware
PacDrive Pro Firmware
PacDrive Pro2 Firmware

Affected Vendors

46 / 100
moderate-risk
Severity 28/34 · Critical
Exploitability 1/34 · Minimal
Exposure 17/34 · Moderate