Schneider Electric Modicon Exposure of Sensitive Information to an Unauthorized Actor (CVE-2019-6852)

high Tenable OT Security Plugin ID 501202


The remote OT asset is affected by a vulnerability.


A CWE-200: Information Exposure vulnerability exists in Modicon Controllers (M340 CPUs, M340 communication modules, Premium CPUs, Premium communication modules, Quantum CPUs, Quantum communication modules - see security notification for specific versions), which could cause the disclosure of FTP hardcoded credentials when using the Web server of the controller on an unsecure network.

This plugin only works with Tenable.ot.
Please visit for more information.


Refer to the vendor advisory.

See Also

Plugin Details

Severity: High

ID: 501202

Version: 1.2

Type: remote

Family: Tenable.ot

Published: 6/29/2023

Updated: 8/22/2023

Supported Sensors: Tenable OT Security

Risk Information


Risk Factor: Low

Score: 3.6


Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: CVE-2019-6852


Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:schneider-electric:bmx_noc_0401_firmware, cpe:/o:schneider-electric:bmx_noe_0100_firmware, cpe:/o:schneider-electric:bmx_noe_0110_firmware, cpe:/o:schneider-electric:bmx_p34x_firmware

Required KB Items: Tenable.ot/Schneider

Exploit Ease: No known exploits are available

Patch Publication Date: 11/20/2019

Vulnerability Publication Date: 11/20/2019

Reference Information

CVE: CVE-2019-6852

CWE: 200