Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
quantum vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-6808
A CWE-284: Improper Access Control vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a remote code execution by overwriting configuration settings of the controller over Modbus.
Schneider-electric Modicon Premium Firmware
Schneider-electric Modicon Quantum Firmware
Schneider-electric Modicon M340 Firmware
Schneider-electric Modicon M580 Firmware
7.5
CVSSv3
CVE-2018-7856
A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a possible denial of Service when writing invalid memory blocks to the controller over Modbus.
Schneider-electric Modicon Premium Firmware -
Schneider-electric Modicon Quantum Firmware -
Schneider-electric Modicon M340 Firmware
Schneider-electric Modicon M580 Firmware
1 Github repository
7.5
CVSSv3
CVE-2019-6807
A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a possible denial of service when writing sensitive application variables to the controller over Modbus.
Schneider-electric Modicon Premium Firmware
Schneider-electric Modicon Quantum Firmware
Schneider-electric Modicon M340 Firmware
Schneider-electric Modicon M580 Firmware
7.5
CVSSv3
CVE-2019-6845
A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists in Modicon M580, Modicon M340, Modicon Premium , Modicon Quantum (all firmware versions), which could cause the disclosure of information when transferring applications to the controller using Modbus ...
Schneider-electric Modicon M580 Firmware
Schneider-electric Modicon M340 Firmware
Schneider-electric Tsxmcpc002m Firmware
Schneider-electric Tsxmcpc512k Firmware
Schneider-electric Tsxmfpp001m Firmware
Schneider-electric Tsxmfpp002m Firmware
Schneider-electric Tsxmfpp004m Firmware
Schneider-electric Tsxmfpp512k Firmware
Schneider-electric Tsxmrpc001m Firmware
Schneider-electric Tsxmrpc002m Firmware
Schneider-electric Tsxmrpc003m Firmware
Schneider-electric Tsxmrpc007m Firmware
Schneider-electric Tsxmrpc01m7 Firmware
Schneider-electric Tsxmrpc768k Firmware
Schneider-electric Tsxmrpf004m Firmware
Schneider-electric Tsxmrpf008m Firmware
Schneider-electric Tsxmfp0128p2 Firmware
Schneider-electric Tsxmfp064p2 Firmware
Schneider-electric Tsxmfpp224k Firmware
Schneider-electric Tsxmfpp384k Firmware
Schneider-electric Tsxmrpc448k Firmware
Schneider-electric Tsxmrpp224k Firmware
NA
CVE-2010-2801
Integer signedness error in the Quantum decompressor in cabextract prior to 1.3, when archive test mode is used, allows user-assisted remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Quantum archive in a .cab...
Cabextract Project Cabextract 1.1
Cabextract Project Cabextract 1.0
Cabextract Project Cabextract 0.6
Cabextract Project Cabextract 0.5
Cabextract Project Cabextract
Cabextract Project Cabextract 0.2
Cabextract Project Cabextract 0.1
Cabextract Project Cabextract 0.4
Cabextract Project Cabextract 0.3
5.5
CVSSv3
CVE-2022-1115
A heap-buffer-overflow flaw was found in ImageMagick’s PushShortPixel() function of quantum-private.h file. This vulnerability is triggered when an attacker passes a specially crafted TIFF image file to ImageMagick for conversion, potentially leading to a denial of service.
Imagemagick Imagemagick
6.1
CVSSv3
CVE-2018-7804
A URL Redirection to Untrusted Site vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 where a user clicking on a specially crafted link can be redirected to a URL of the attacker's choosing.
Schneider-electric Modicom M340 Firmware
Schneider-electric Modicom Premium Firmware
Schneider-electric Modicom Quantum Firmware
Schneider-electric Modicom Bmxnor0200h Firmware
7.2
CVSSv3
CVE-2019-3914
Remote command injection vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows a remote, authenticated malicious user to execute arbitrary commands on the target device by adding an access control rule for a network object with a crafted hostna...
Verizon Fios Quantum Gateway G1100 Firmware 02.01.00.05
9.8
CVSSv3
CVE-2018-7847
A CWE-284: Improper Access Control vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause denial of service or potential code execution by overwriting configuration settings of the controller over Modbus.
Schneider-electric Modicon M580 Firmware
Schneider-electric Modicon M340 Firmware
Schneider-electric Modicon Quantum Firmware
Schneider-electric Modicon Premium Firmware
7.5
CVSSv3
CVE-2018-7857
A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a possible Denial of Service when writing out of bounds variables to the controller over Modbus.
Schneider-electric Modicon Premium Firmware
Schneider-electric Modicon Quantum Firmware
Schneider-electric Modicon M340 Firmware
Schneider-electric Modicon M580 Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »