Rewterz Threat Advisory – CVE-2019-6623 – F5 Multiple BIG-IP Products Denial of Service Vulnerability
July 3, 2019Rewterz Threat Alert – TA505 New Summer Campaign Introduces AndroMut Malware
July 4, 2019Severity
Medium
Analysis Summary
An attacker could create a denial-of-service condition by sending a specific crafted Modbus frame to the affected device.
Impact
Denial of service
Affected Vendors
Schneider Electric
Affected Products
- Modicon M340: Firmware versions prior to v3.01
- Modicon M580: Firmware versions prior to v2.80
- Modicon Quantum: All firmware versions
- Modicon Premium: All firmware versions
Remediation
Schneider Electric has recommended the following to mitigate this vulnerability.
Modicon M340 – The vulnerability is fixed in v3.01
Modicon M580 – The vulnerability is fixed in v2.80