{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T23:42:19.100","vulnerabilities":[{"cve":{"id":"CVE-2019-6847","sourceIdentifier":"cybersecurity@se.com","published":"2019-10-29T19:15:22.267","lastModified":"2024-11-21T04:47:16.320","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA and 140CRA modules (all firmware versions), which could cause a Denial of Service attack on the FTP service when upgrading the firmware with a version incompatible with the application in the controller using FTP protocol."},{"lang":"es","value":"Existe una vulnerabilidad CWE-755: Manejo inadecuado de condiciones excepcionales en los módulos Modicon M580, Modicon M340, Modicon BMxCRA y 140CRA (todas las versiones de firmware), que podría causar un ataque de denegación de servicio en el servicio FTP al actualizar el firmware con una versión incompatible con la aplicación en el controlador utilizando el protocolo FTP"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","baseScore":4.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:N/I:N/A:P","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cybersecurity@se.com","type":"Secondary","description":[{"lang":"en","value":"CWE-755"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-755"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:schneider-electric:modicon_m580_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"D52D735D-8AB5-40FE-A83F-266977601571"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:schneider-electric:modicon_m580:-:*:*:*:*:*:*:*","matchCriteriaId":"E876C738-ABF6-4864-98A6-1E06E96A0DF4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:schneider-electric:modicon_m340_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"05CBA9AD-ECB7-453F-8551-DD176FDE8043"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:schneider-electric:modicon_m340:-:*:*:*:*:*:*:*","matchCriteriaId":"138681A2-0146-492B-8E10-06849FC27C6E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:schneider-electric:modicon_bmxcra_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"E4E41AAB-05A3-43A4-B97A-34F265E25F40"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:schneider-electric:modicon_bmxcra:-:*:*:*:*:*:*:*","matchCriteriaId":"F80F2F1C-F681-4498-942E-31EDA9CF79F8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:schneider-electric:modicon_140cra_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"76F5D4B2-1C0A-45E8-993C-DBBA4F745345"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:schneider-electric:modicon_140cra:-:*:*:*:*:*:*:*","matchCriteriaId":"94575CFC-1395-4BB4-8D4F-AA41F7068A26"}]}]}],"references":[{"url":"https://www.se.com/ww/en/download/document/SEVD-2019-281-02/","source":"cybersecurity@se.com","tags":["Vendor Advisory"]},{"url":"https://www.se.com/ww/en/download/document/SEVD-2019-281-02/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}