CVE-2019-6850

HIGH

Modicon M580/BMENOC - Info Disclosure

Title source: llm
STIX 2.1

Description

A CWE-200: Information Exposure vulnerability exists in Modicon M580, Modicon BMENOC 0311, and Modicon BMENOC 0321, which could cause the disclosure of sensitive information when reading specific registers with the REST API of the controller/communication module.

References (1)

Core 1
Core References

Scores

CVSS v3 7.5
EPSS 0.0032
EPSS Percentile 55.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-200
Status published
Products (3)
schneider-electric/modicon_bmenoc_0311_firmware
schneider-electric/modicon_bmenoc_0321_firmware
schneider-electric/modicon_m580_firmware
Published Oct 29, 2019
Tracked Since Feb 18, 2026