Intrusion Prevention

SE.Modicon.M580.TFTP.server.Information.Disclosure

Description

This indicates an attack attempt to exploit an Information Disclosure vulnerability in Schneider Electric Modicon M580 TFTP server.
An unauthenticated attacker can exploit this vulnerability by sending a TFTP read request to the vulnerable device. Successful exploitation allows the user to download specific files on the vulnerable device containing sensitive information.

Affected Products

Schneider Electric Modicon M580 BMEP582040 SV2.80

Impact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://www.schneider-electric.com/en/download/document/SEVD-2019-281-01/

CVE References

CVE-2019-6851