{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-19T14:16:27.146","vulnerabilities":[{"cve":{"id":"CVE-2019-6842","sourceIdentifier":"cybersecurity@se.com","published":"2019-10-29T19:15:21.923","lastModified":"2026-06-17T02:39:46.800","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA and 140CRA modules (all firmware versions), which could cause a Denial of Service attack on the PLC when upgrading the firmware with a missing web server image inside the package using FTP protocol."},{"lang":"es","value":"Existe una vulnerabilidad CWE-755: Manejo inadecuado de condiciones excepcionales en los módulos Modicon M580, Modicon M340, Modicon BMxCRA y 140CRA (todas las versiones de firmware), que podría causar un ataque de denegación de servicio en el PLC al actualizar el firmware con una imagen de servidor web faltante dentro del paquete utilizando el protocolo FTP"}],"affected":[{"source":"cybersecurity@se.com","affectedData":[{"vendor":"n/a","product":"Modicon M580, Modicon M340, and Modicon BMxCRA / 140CRA modules (see notification for version info)","versions":[{"version":"Modicon M580, Modicon M340, and Modicon BMxCRA / 140CRA modules (see notification for version info)","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","baseScore":4.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:N/I:N/A:P","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cybersecurity@se.com","type":"Secondary","description":[{"lang":"en","value":"CWE-755"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-755"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:schneider-electric:modicon_m580_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"D52D735D-8AB5-40FE-A83F-266977601571"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:schneider-electric:modicon_m580:-:*:*:*:*:*:*:*","matchCriteriaId":"E876C738-ABF6-4864-98A6-1E06E96A0DF4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:schneider-electric:modicon_m340_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"05CBA9AD-ECB7-453F-8551-DD176FDE8043"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:schneider-electric:modicon_m340:-:*:*:*:*:*:*:*","matchCriteriaId":"138681A2-0146-492B-8E10-06849FC27C6E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:schneider-electric:modicon_bmxcra_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"E4E41AAB-05A3-43A4-B97A-34F265E25F40"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:schneider-electric:modicon_bmxcra:-:*:*:*:*:*:*:*","matchCriteriaId":"F80F2F1C-F681-4498-942E-31EDA9CF79F8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:schneider-electric:modicon_140cra_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"76F5D4B2-1C0A-45E8-993C-DBBA4F745345"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:schneider-electric:modicon_140cra:-:*:*:*:*:*:*:*","matchCriteriaId":"94575CFC-1395-4BB4-8D4F-AA41F7068A26"}]}]}],"references":[{"url":"https://www.se.com/ww/en/download/document/SEVD-2019-281-02/","source":"cybersecurity@se.com","tags":["Vendor Advisory"]},{"url":"https://www.se.com/ww/en/download/document/SEVD-2019-281-02/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}