{"api_version":"1","generated_at":"2026-06-03T09:09:20+00:00","cve":"CVE-2019-6852","urls":{"html":"https://cve.report/CVE-2019-6852","api":"https://cve.report/api/cve/CVE-2019-6852.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2019-6852","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2019-6852"},"summary":{"title":"CVE-2019-6852","description":"A CWE-200: Information Exposure vulnerability exists in Modicon Controllers (M340 CPUs, M340 communication modules, Premium CPUs, Premium communication modules, Quantum CPUs, Quantum communication modules - see security notification for specific versions), which could cause the disclosure of FTP hardcoded credentials when using the Web server of the controller on an unsecure network.","state":"PUBLISHED","assigner":"schneider","published_at":"2019-11-20 22:15:12","updated_at":"2026-05-28 20:16:19"},"problem_types":["CWE-200","CWE-200 CWE-200: Information Exposure"],"metrics":[{"version":"3.1","source":"nvd@nist.gov","type":"Primary","score":"7.5","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"}},{"version":"3.1","source":"ADP","type":"DECLARED","score":"7.5","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","data":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","version":"3.1"}},{"version":"3.1","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","score":"7.5","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"}},{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"5","severity":"","vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"}}],"references":[{"url":"https://www.schneider-electric.com/ww/en/download/document/SEVD-2019-281-02/","name":"https://www.schneider-electric.com/ww/en/download/document/SEVD-2019-281-02/","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable","Vendor Advisory"],"title":"Security Notification - Modicon Controllers (V2.0) | Schneider Electric","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://www.se.com/ww/en/download/document/SEVD-2019-316-02%20/","name":"https://www.se.com/ww/en/download/document/SEVD-2019-316-02%20/","refsource":"nvd@nist.gov","tags":["Vendor Advisory"],"title":"","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2019-6852","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-6852","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Schneider Electric","product":"Modicon Controllers (M340 CPUs, M340 communication modules,  Premium CPUs, Premium communication modules, Quantum CPUs, Quantum communication modules - see security notification for specific versions)","version":"affected Modicon Controllers (M340 CPUs","platforms":[]},{"source":"CNA","vendor":"Schneider Electric","product":"Modicon Controllers (M340 CPUs, M340 communication modules,  Premium CPUs, Premium communication modules, Quantum CPUs, Quantum communication modules - see security notification for specific versions)","version":"affected M340 communication modules","platforms":[]},{"source":"CNA","vendor":"Schneider Electric","product":"Modicon Controllers (M340 CPUs, M340 communication modules,  Premium CPUs, Premium communication modules, Quantum CPUs, Quantum communication modules - see security notification for specific versions)","version":"affected Premium CPUs","platforms":[]},{"source":"CNA","vendor":"Schneider Electric","product":"Modicon Controllers (M340 CPUs, M340 communication modules,  Premium CPUs, Premium communication modules, Quantum CPUs, Quantum communication modules - see security notification for specific versions)","version":"affected Premium communication modules","platforms":[]},{"source":"CNA","vendor":"Schneider Electric","product":"Modicon Controllers (M340 CPUs, M340 communication modules,  Premium CPUs, Premium communication modules, Quantum CPUs, Quantum communication modules - see security notification for specific versions)","version":"affected Quantum CPUs","platforms":[]},{"source":"CNA","vendor":"Schneider Electric","product":"Modicon Controllers (M340 CPUs, M340 communication modules,  Premium CPUs, Premium communication modules, Quantum CPUs, Quantum communication modules - see security notification for specific versions)","version":"affected Quantum communication modules - see security notification for specific versions)","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2019","cve_id":"6852","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"schneider-electric","cpe5":"140_cpu6x","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"6852","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"schneider-electric","cpe5":"140_cpu6x_firmware","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"6852","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"schneider-electric","cpe5":"140_noc_77101","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"6852","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"schneider-electric","cpe5":"140_noc_77101_firmware","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"6852","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"schneider-electric","cpe5":"140_noc_78x00","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"6852","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"schneider-electric","cpe5":"140_noc_78x00_firmware","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"6852","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"schneider-electric","cpe5":"140_noe_771x1","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"6852","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"schneider-electric","cpe5":"140_noe_771x1_firmware","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"6852","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"schneider-electric","cpe5":"bmx_noc_0401","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"6852","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"schneider-electric","cpe5":"bmx_noc_0401_firmware","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"6852","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"schneider-electric","cpe5":"bmx_noe_0100","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"6852","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"schneider-electric","cpe5":"bmx_noe_0100_firmware","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"6852","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"schneider-electric","cpe5":"bmx_noe_0110","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"6852","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"schneider-electric","cpe5":"bmx_noe_0110_firmware","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"6852","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"schneider-electric","cpe5":"bmx_p34x","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"6852","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"schneider-electric","cpe5":"bmx_p34x_firmware","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"6852","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"schneider-electric","cpe5":"tsx_ety_x103","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"6852","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"schneider-electric","cpe5":"tsx_ety_x103_firmware","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"6852","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"schneider-electric","cpe5":"tsx_p57x","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"6852","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"schneider-electric","cpe5":"tsx_p57x_firmware","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2019","cve_id":"6852","cve":"CVE-2019-6852","epss":"0.003480000","percentile":"0.575540000","score_date":"2026-06-02","updated_at":"2026-06-03 00:08:17"},"legacy_qids":[{"cve":"CVE-2019-6852","qid":"590847","title":"Schneider Electric Modicon Controllers Multiple Vulnerabilities (SEVD-2019-316-02)"}]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-04T20:31:04.426Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://www.schneider-electric.com/ww/en/download/document/SEVD-2019-281-02/"}],"title":"CVE Program Container"},{"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","version":"3.1"}},{"other":{"content":{"id":"CVE-2019-6852","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","timestamp":"2026-05-28T19:38:28.655664Z","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2026-05-28T19:39:27.517Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"product":"Modicon Controllers (M340 CPUs, M340 communication modules,  Premium CPUs, Premium communication modules, Quantum CPUs, Quantum communication modules - see security notification for specific versions)","vendor":"Schneider Electric","versions":[{"status":"affected","version":"Modicon Controllers (M340 CPUs"},{"status":"affected","version":"M340 communication modules"},{"status":"affected","version":"Premium CPUs"},{"status":"affected","version":"Premium communication modules"},{"status":"affected","version":"Quantum CPUs"},{"status":"affected","version":"Quantum communication modules - see security notification for specific versions)"}]}],"descriptions":[{"lang":"en","value":"A CWE-200: Information Exposure vulnerability exists in Modicon Controllers (M340 CPUs, M340 communication modules, Premium CPUs, Premium communication modules, Quantum CPUs, Quantum communication modules - see security notification for specific versions), which could cause the disclosure of FTP hardcoded credentials when using the Web server of the controller on an unsecure network."}],"problemTypes":[{"descriptions":[{"cweId":"CWE-200","description":"CWE-200: Information Exposure","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2019-11-20T22:01:49.000Z","orgId":"076d1eb6-cfab-4401-b34d-6dfc2a413bdb","shortName":"schneider"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://www.schneider-electric.com/ww/en/download/document/SEVD-2019-281-02/"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cybersecurity@schneider-electric.com","ID":"CVE-2019-6852","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Modicon Controllers (M340 CPUs, M340 communication modules,  Premium CPUs, Premium communication modules, Quantum CPUs, Quantum communication modules - see security notification for specific versions)","version":{"version_data":[{"version_value":"Modicon Controllers (M340 CPUs"},{"version_value":"M340 communication modules"},{"version_value":"Premium CPUs"},{"version_value":"Premium communication modules"},{"version_value":"Quantum CPUs"},{"version_value":"Quantum communication modules - see security notification for specific versions)"}]}}]},"vendor_name":"Schneider Electric"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"A CWE-200: Information Exposure vulnerability exists in Modicon Controllers (M340 CPUs, M340 communication modules, Premium CPUs, Premium communication modules, Quantum CPUs, Quantum communication modules - see security notification for specific versions), which could cause the disclosure of FTP hardcoded credentials when using the Web server of the controller on an unsecure network."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-200: Information Exposure"}]}]},"references":{"reference_data":[{"name":"https://www.schneider-electric.com/ww/en/download/document/SEVD-2019-281-02/","refsource":"CONFIRM","url":"https://www.schneider-electric.com/ww/en/download/document/SEVD-2019-281-02/"}]}}}},"cveMetadata":{"assignerOrgId":"076d1eb6-cfab-4401-b34d-6dfc2a413bdb","assignerShortName":"schneider","cveId":"CVE-2019-6852","datePublished":"2019-11-20T22:01:49.000Z","dateReserved":"2019-01-25T00:00:00.000Z","dateUpdated":"2026-05-28T19:39:27.517Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2019-11-20 22:15:12","lastModifiedDate":"2026-05-28 20:16:19","problem_types":["CWE-200","CWE-200 CWE-200: Information Exposure"],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:schneider-electric:bmx_p34x_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"14850FBA-6534-47DB-963A-9D1973CD743E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:schneider-electric:bmx_p34x:-:*:*:*:*:*:*:*","matchCriteriaId":"31641D9C-5A26-4632-AF77-DF0596027EBF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:schneider-electric:bmx_noe_0100_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"357C2EC3-AF99-4C28-9F25-7535B6279039"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:schneider-electric:bmx_noe_0100:-:*:*:*:*:*:*:*","matchCriteriaId":"2E25BD42-AEA0-4834-8EF6-A030F34F3C0E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:schneider-electric:bmx_noe_0110_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"245BC693-0C80-433D-B966-7EEC40BDF4B2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:schneider-electric:bmx_noe_0110:-:*:*:*:*:*:*:*","matchCriteriaId":"8F06E131-2AAE-4A34-AA96-A4828C01E9FB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:schneider-electric:bmx_noc_0401_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"0A897B7E-4CBC-48F5-BAF0-D127A73E287C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:schneider-electric:bmx_noc_0401:-:*:*:*:*:*:*:*","matchCriteriaId":"790F8548-142B-4F0E-9A1E-B4570DA76917"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:schneider-electric:tsx_p57x_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"0194B54A-6A29-4539-8BD3-0A0CCC04DB59"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:schneider-electric:tsx_p57x:-:*:*:*:*:*:*:*","matchCriteriaId":"1556D664-D4CF-4B0E-A2AD-262B511F1FBF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:schneider-electric:tsx_ety_x103_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"2B550F75-2542-4DED-A588-3D7783652B8D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:schneider-electric:tsx_ety_x103:-:*:*:*:*:*:*:*","matchCriteriaId":"E63E90D7-795C-4B98-91D5-BD11DCA34AFA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:schneider-electric:140_cpu6x_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"3C678406-4896-4209-B75C-49D4A946DBF1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:schneider-electric:140_cpu6x:-:*:*:*:*:*:*:*","matchCriteriaId":"BF08312C-4614-4FE1-AE24-21E1F6E6D3BF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:schneider-electric:140_noe_771x1_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"6090B04C-F4C2-4261-896A-F70019DCD5BC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:schneider-electric:140_noe_771x1:-:*:*:*:*:*:*:*","matchCriteriaId":"22AB350E-16AF-433A-A4B6-409DE325B63D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:schneider-electric:140_noc_78x00_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"7B735DC2-F3B6-4F16-9747-665466B43EC6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:schneider-electric:140_noc_78x00:-:*:*:*:*:*:*:*","matchCriteriaId":"65ED8C96-0B54-4BB6-BFD6-71D54905C517"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:schneider-electric:140_noc_77101_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"6EDC7834-486B-4B72-A18D-C6B900F7D090"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:schneider-electric:140_noc_77101:-:*:*:*:*:*:*:*","matchCriteriaId":"E7F4A0D3-FD4D-47E9-B4A6-C78348464907"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2019","CveId":"6852","Ordinal":"1","Title":"CVE-2019-6852","CVE":"CVE-2019-6852","Year":"2019"},"notes":[{"CveYear":"2019","CveId":"6852","Ordinal":"1","NoteData":"A CWE-200: Information Exposure vulnerability exists in Modicon Controllers (M340 CPUs, M340 communication modules, Premium CPUs, Premium communication modules, Quantum CPUs, Quantum communication modules - see security notification for specific versions), which could cause the disclosure of FTP hardcoded credentials when using the Web server of the controller on an unsecure network.","Type":"Description","Title":"CVE-2019-6852"},{"CveYear":"2019","CveId":"6852","Ordinal":"2","NoteData":"2019-11-20","Type":"Other","Title":"Published"},{"CveYear":"2019","CveId":"6852","Ordinal":"3","NoteData":"2019-11-20","Type":"Other","Title":"Modified"}]}}}