CVE-2019-6831
HIGHBMXNOR0200H Ethernet / Serial RTU Module - Denial of Service via High Volume IEC 60870-5-104 Packets
Title source: llmDescription
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in BMXNOR0200H Ethernet / Serial RTU module (all firmware versions), which could cause disconnection of active connections when an unusually high number of IEC 60870- 5-104 packets are received by the module on port 2404/TCP.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
https://www.schneider-electric.com/en/download/document/SEVD-2019-225-03/
Broken Link x_refsource_misc
https://security.cse.iitk.ac.in/responsible-disclosure
Scores
CVSS v3
8.6
EPSS
0.0054
EPSS Percentile
67.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Details
CWE
CWE-754
Status
published
Products (1)
schneider-electric/bmxnor0200h_firmware
Published
Sep 17, 2019
Tracked Since
Feb 18, 2026