VDB
CVE-2019-6846
CVE-2019-6846
PUBLISHED
De multiples vulnérabilités ont été découvertes dans les produits Schneider. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
EPSS 0.22% · 44.3th percentile
Risk Scores
EPSS Score
0.22%
44.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Schneider Electric | Modicon M340 | |
| N/A | N/A | |
| Schneider Electric | N/A | |
| Symfony | process |
Exploit Intelligence
- EXPL_Log4j_CVE_2021_44228_Dec21_Hard_RID31D9.yar (github-yara)
- EXPL_Log4j_CVE_2021_44228_Dec21_Hard_RID31D9.yar (github-yara)
- EXPL_Log4j_CVE_2021_44228_Dec21_Hard_RID31D9.yar (github-yara)
- EXPL_Log4j_CVE_2021_44228_Dec21_Hard_RID31D9.yar (github-yara)
- EXPL_Log4j_CVE_2021_44228_Dec21_Hard_RID31D9.yar (github-yara)
- SUSP_Base64_Encoded_Exploit_Indicators_Dec21_RID3732.yar (github-yara)
- SUSP_Base64_Encoded_Exploit_Indicators_Dec21_RID3732.yar (github-yara)
- SUSP_Base64_Encoded_Exploit_Indicators_Dec21_RID3732.yar (github-yara)
- SUSP_Base64_Encoded_Exploit_Indicators_Dec21_RID3732.yar (github-yara)
- SUSP_Base64_Encoded_Exploit_Indicators_Dec21_RID3732.yar (github-yara)
…and 135 more exploits
Timeline
- Oct 8, 2019 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Jun 28, 2021 PoC Published
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 11, 2021 PoC Published
- Dec 13, 2021 PoC Published
- Dec 18, 2021 PoC Published
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
References
- https://download.schneider-electric.com/files?p_Doc_Ref=SESB-2021-347-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SESB-2021-347-01_Apache_Log4j_Log4Shell_Vulnerabilities_Security_Notification_V14.0.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2019-281-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2019-281-02_Modicon_Controllers_Security_Notification_V3.0.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-221-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-221-01_EcoStruxure_Control_Expert_Modicon580_Security_Notification_V1.1.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-193-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-193-01_OPC_UA_X80_Advanced_RTU_Modicon_Communication_Modules_Security_Notification_V3.0.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-313-05&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2021-313-05_Badalloc_Vulnerabilities_Security_Notification_V10.0.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-221-03&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-221-03_EcoStruxure_Control_Expert_Security_Notification.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-221-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-221-02_Modicon_Controllers_Security_Notification_V1.1.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2018-081-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2018-081-01_Embedded_FTP_Servers_for_Modicon_PAC_Controllers_Security_Notification_V3.0.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2021-222-04_Modicon_PAC_Controllers_PLC_Simulator_Control_Expert_Process_Expert_Security_Notification_V2.0.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-194-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2021-194-01_EcoStruxure_Control_Expert_Process_Expert_SCADAPack_RemoteConnect_Modicon_M580_M340_Security_Notifcation_V4.0.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-221-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-221-04-Modicon_Controllers_Ethernet_Modules_Security_Notification_V1.1.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-347-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-347-01-APC_Easy_UPS_Online_Monitoring_Software_Security_Notification.pdf advisory
- https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Name=SEVD-2019-281-02_Modicon_Controllers.pdf&p_Doc_Ref=SEVD-2019-281-02 advisory
- https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Name=SEVD-2019-134-04-Floating-License-Manager-Update_V2.1.pdf&p_Doc_Ref=SEVD-2019-134-04 advisory
- https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Name=SEVD-2018-327-01-Embedded-Web-Servers-Modicon+V3.0.pdf&p_Doc_Ref=SEVD-2018-327-01 advisory
- https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Name=SEVD-2019-281-04_Modicon_Controllers.pdf&p_Doc_Ref=SEVD-2019-281-04 advisory
- https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Name=SEVD-2019-281-01_Modicon_Controllers.pdf&p_Doc_Ref=SEVD-2019-281-01 advisory
- https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Name=SEVD-2019-225-04_SoMachine_SoMove_V2.0.pdf&p_Doc_Ref=SEVD-2019-225-04 advisory
- https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Name=SEVD-2019-281-03_Modicon_Controllers.pdf&p_Doc_Ref=SEVD-2019-281-03 advisory