Vulnerability CVE-2018-7851


Published: 2019-05-22   Modified: 2019-05-23

Description:
CWE-119: Buffer errors vulnerability exists in Modicon M580 with firmware prior to V2.50, Modicon M340 with firmware prior to V3.01, BMxCRA312xx with firmware prior to V2.40, All firmware versions of Modicon Premium and 140CRA312xxx when sending a specially crafted Modbus packet, which could cause a denial of service to the device that would force a restart to restore availability.

Type:

CWE-119

(Improper Restriction of Operations within the Bounds of a Memory Buffer)

CVSS2 => (AV:N/AC:L/Au:S/C:N/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.8/10
6.9/10
8/10
Exploit range
Attack complexity
Authentication
Remote
Low
Single time
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete
Affected software
Schneider-electric -> 140cra312xxx firmware 
Schneider-electric -> Modicon premium firmware 

 References:
https://www.schneider-electric.com/en/download/document/SEVD-2019-134-10/

Copyright 2022, cxsecurity.com

 

Back to Top