Schneider-electric Modicon Quantum Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Schneider-electric Modicon Quantum Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (25)
CVE-2018-7842 — CVSS 9.8 (critical): A CWE-290: Authentication Bypass by Spoofing vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and…
CVE-2018-7846 — CVSS 9.8 (critical): A CWE-501: Trust Boundary Violation vulnerability on connection to the Controller exists in all versions of the Modicon M580, Modicon M340…
CVE-2019-6808 — CVSS 9.8 (critical): A CWE-284: Improper Access Control vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon…
CVE-2018-7847 — CVSS 9.8 (critical): A CWE-284: Improper Access Control vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon…
CVE-2019-6816 — CVSS 9.1 (critical): In Modicon Quantum all firmware versions, a CWE-94: Code Injection vulnerability could cause an unauthorized firmware modification with…
CVE-2019-6815 — CVSS 9.1 (critical): In Modicon Quantum all firmware versions, CWE-264: Permissions, Privileges, and Access Control vulnerabilities could cause a denial of…
CVE-2018-7852 — CVSS 7.5 (high): A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium…
CVE-2018-7853 — CVSS 7.5 (high): A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium…
CVE-2018-7854 — CVSS 7.5 (high): A CWE-248 Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium…
CVE-2018-7855 — CVSS 7.5 (high): A CWE-248 Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium…
CVE-2018-7856 — CVSS 7.5 (high): A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium…
CVE-2018-7857 — CVSS 7.5 (high): A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium…
CVE-2019-6806 — CVSS 7.5 (high): A CWE-200: Information Exposure vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon…
CVE-2019-6807 — CVSS 7.5 (high): A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium…
CVE-2019-6809 — CVSS 7.5 (high): A CWE-248: Uncaught Exception vulnerability exists in Modicon M580 (firmware versions prior to V2.90), Modicon M340 (firmware versions…
CVE-2019-6828 — CVSS 7.5 (high): A CWE-248: Uncaught Exception vulnerability exists Modicon M580 (firmware version prior to V2.90), Modicon M340 (firmware version prior to…
CVE-2018-7843 — CVSS 7.5 (high): A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium…
CVE-2018-7844 — CVSS 7.5 (high): A CWE-200: Information Exposure vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon…
CVE-2018-7845 — CVSS 7.5 (high): A CWE-125: Out-of-bounds Read vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium…
CVE-2018-7848 — CVSS 7.5 (high): A CWE-200: Information Exposure vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon…
CVE-2018-7849 — CVSS 7.5 (high): A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum and Modicon Premium…
CVE-2019-6819 — CVSS 7.5 (high): A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists which could cause a possible Denial of Service when…
CVE-2018-7788 — CVSS 6.5 (medium): A CWE-255 Credentials Management vulnerability exists in Modicon Quantum with firmware versions prior to V2.40. which could cause a Denial…
CVE-2019-6821 — CVSS 6.5 (medium): CWE-330: Use of Insufficiently Random Values vulnerability, which could cause the hijacking of the TCP connection when using Ethernet…
CVE-2018-7850 — CVSS 5.3 (medium): A CWE-807: Reliance on Untrusted Inputs in a Security Decision vulnerability exists in all versions of the Modicon M580, Modicon M340…