CVE-2019-6813 : Security Advisory and Response
Learn about CVE-2019-6813, a CWE-754 vulnerability affecting BMXNOR0200H Ethernet/Serial RTU module and Modicon M340 controller, leading to denial of service. Find mitigation steps and prevention measures.
A vulnerability identified as CWE-754 affects the BMXNOR0200H Ethernet/Serial RTU module and the Modicon M340 controller, leading to a denial of service when receiving truncated SNMP packets.
Understanding CVE-2019-6813
What is CVE-2019-6813?
This CVE refers to a CWE-754 vulnerability in the BMXNOR0200H Ethernet/Serial RTU module and the Modicon M340 controller, impacting all firmware versions of both devices.
The Impact of CVE-2019-6813
The vulnerability allows attackers to cause a denial of service by sending truncated SNMP packets to the affected devices on port 161/UDP.
Technical Details of CVE-2019-6813
Vulnerability Description
The vulnerability is due to improper handling of truncated SNMP packets, leading to a denial of service condition.
Affected Systems and Versions
- BMXNOR0200H Ethernet/Serial RTU module (all firmware versions)
- Modicon M340 controller (all firmware versions)
Exploitation Mechanism
Attackers exploit the vulnerability by sending truncated SNMP packets to the devices on port 161/UDP, triggering a denial of service.
Mitigation and Prevention
Immediate Steps to Take
- Apply vendor-provided patches or updates to fix the vulnerability.
- Implement network segmentation to limit exposure to potential attacks.
- Monitor network traffic for any unusual patterns that may indicate exploitation attempts.
Long-Term Security Practices
- Regularly update firmware and software to address known vulnerabilities.
- Conduct security assessments and penetration testing to identify and remediate weaknesses.
Patching and Updates
- Stay informed about security advisories from the vendor and apply patches promptly to mitigate risks.