| An exploitable information disclosure vulnerability exists in the UMAS REST API getcominfo functionality of the Schneider Electric Modicon M580 Programmable Automation Controller firmware version SV2.80. A specially crafted HTTP request can cause the device to return arbitrary memory, resulting in the potential disclosure of system addresses. |
