Schneider Electric Modicon M340 SNMP Server SNMP Packet Truncate denial of service
| CVSS Meta Temp Score | Current Exploit Price (β) |
|---|---|
| 3.4 | $0-$5k |
A vulnerability was found in Schneider Electric BMXNOR0200H Ethernet Serial RTU Module and Modicon M340 (version unknown). It has been classified as problematic. Affected is an unknown code of the component SNMP Server. The manipulation as part of a SNMP Packet leads to a denial of service vulnerability (Truncate). CWE is classifying the issue as CWE-404. This is going to have an impact on availability.
The weakness was released 09/17/2019. The advisory is shared for download at schneider-electric.com. This vulnerability is traded as CVE-2019-6813 since 01/25/2019. There are neither technical details nor an exploit publicly available.
It is possible to mitigate the weakness by firewalling udp/161 (snmp).
Vendor
Name
VulDB Meta Base Score: 3.5
VulDB Meta Temp Score: 3.4
VulDB Base Score: β3.5
VulDB Temp Score: β3.4
VulDB Vector: π
VulDB Reliability: π
VulDB Base Score: π
VulDB Temp Score: π
VulDB Reliability: π
Class: Denial of service / Truncate (CWE-404)
Local: Yes
Remote: No
Availability: π
Status: Not defined
Price Prediction: π
Current Price Estimation: π
| 0-Day | unlock | unlock | unlock | unlock |
|---|---|---|---|---|
| Today | unlock | unlock | unlock | unlock |
Threat Intelligence
Threat: π
Adversaries: π
Geopolitics: π
Economy: π
Predictions: π
Remediation: πRecommended: Firewall
Status: π
0-Day Time: π
Firewalling: π
01/25/2019 CVE assigned
09/17/2019 Advisory disclosed
09/18/2019 VulDB entry created
09/18/2019 VulDB last updateVendor: schneider-electric.com
Advisory: schneider-electric.com
CVE: CVE-2019-6813 (π)
Created: 09/18/2019 11:24 AM
Complete: π
Comments
Check our Alexa App!
https://vuldb.com/?id.141936
Comments are closed.
No comments yet. Please log in to comment.