CVE-2019-6821

CVE-2019-6821

Vendor N/A
Product Modicon Controllers, Modicon M580 firmware versions prior to V2.30, and all firmware versions of Modicon M340, Modicon Premium, Modicon Quantum
Weakness CWE-330 · Insufficient randomness
Published May 22, 2019
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

CWE-330: Use of Insufficiently Random Values vulnerability, which could cause the hijacking of the TCP connection when using Ethernet communication in Modicon M580 firmware versions prior to V2.30, and all firmware versions of Modicon M340, Modicon Premium, Modicon Quantum.

Key dates

02Disclosure timeline

May 22, 2019 CVE published
August 4, 2024 Record updated