GCVE - cpe:2.3:a:schneider_electric_se:modicon

Approved changes feed: RSS · Atom

cpe:2.3:a:schneider_electric_se:modicon_quantum:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Schneider Electric Se (`25d1a66d-bfb8-5d1c-9a6c-4a2405fe5386`)
Product	Modicon Quantum (`0686957e-576b-5e7a-86a8-b003259a72dd`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2019-6828`	vulnerable	2026-06-03 14:40:40.805470	Details available A CWE-248: Uncaught Exception vulnerability exists Modicon M580 (firmware version prior to V2.90), Modicon M340 (firmware version prior to V3.10), Modicon Premium (all versions), and Modicon Quantum (all versions), which could cause a possible denial of service when reading specific coils and registers in the controller over Modbus. Published: 2019-09-17T19:59:33.000Z Updated: 2024-08-04T20:31:04.247Z Open on db.gcve.eu Reference links https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2019-6809`	vulnerable	2026-06-03 14:40:40.721169	Details available A CWE-248: Uncaught Exception vulnerability exists in Modicon M580 (firmware versions prior to V2.90), Modicon M340 (firmware versions prior to V3.10), Modicon Premium (all versions), Modicon Quantum (all versions), which could cause a possible denial of service when reading invalid data from the controller. Published: 2019-09-17T19:50:29.000Z Updated: 2024-08-04T20:31:04.229Z Open on db.gcve.eu Reference links https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-7240`	vulnerable	2026-06-03 14:39:06.642907	Details available A vulnerability exists in Schneider Electric's Modicon Quantum in all versions of the communication modules which could allow arbitrary code execution. An FTP command used to upgrade the firmware of the module can be misused to cause a denial of service, or in extreme cases, to load a malicious firmware. Published: 2018-04-18T20:00:00.000Z Updated: 2024-08-05T06:24:11.250Z Open on db.gcve.eu Reference links https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/ http://www.securityfocus.com/bid/103541 https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Modicon Quantum

PURL mappings

Vulnerability references

Contribute