Schneider.Electric.Modicon.CVE-2019-6850.Information.Disclosure
Description
This indicates an attack attempt to exploit an Information Disclosure vulnerability in Schneider Electric Modicon M580 UMAS.
An unauthenticated attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable device. Successful exploitation causes the device to return blocks of program memory, resulting in the disclosure of sensitive project information.
Affected Products
Schneider Electric Modicon M580 BMEP582040 SV2.80
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://www.schneider-electric.com/en/download/document/SEVD-2019-281-04/
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |