7.5
CVE-2018-7794
- EPSS 0.39%
- Published 06.01.2020 23:15:10
- Last modified 21.11.2024 04:12:44
- Source cybersecurity@se.com
- Teams watchlist Login
- Open Login
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions) which could cause a Denial of Service when reading data with invalid index using Modbus TCP.
Data is provided by the National Vulnerability Database (NVD)
Schneider-electric ≫ Modicon M580 Firmware Version < 2.80
Schneider-electric ≫ Modicon M340 Firmware Version < 3.01
Schneider-electric ≫ Tsxh5744m Firmware Version < 3.20
Schneider-electric ≫ Tsxh5724m Firmware Version < 3.20
Schneider-electric ≫ Tsxp576634m Firmware Version < 3.20
Schneider-electric ≫ Tsxp57554m Firmware Version < 3.20
Schneider-electric ≫ Tsxp575634m Firmware Version < 3.20
Schneider-electric ≫ Tsxp57454m Firmware Version < 3.20
Schneider-electric ≫ Tsxp574634m Firmware Version < 3.20
Schneider-electric ≫ Tsxp57354m Firmware Version < 3.20
Schneider-electric ≫ Tsxp573634m Firmware Version < 3.20
Schneider-electric ≫ Tsxp57304m Firmware Version < 3.20
Schneider-electric ≫ Tsxp57254m Firmware Version < 3.20
Schneider-electric ≫ Tsxp572634m Firmware Version < 3.20
Schneider-electric ≫ Tsxp57204m Firmware Version < 3.20
Schneider-electric ≫ Tsxp571634m Firmware Version < 3.20
Schneider-electric ≫ Tsxp57154m Firmware Version < 3.20
Schneider-electric ≫ Tsxp57104m Firmware Version < 3.20
Schneider-electric ≫ 140cpu65150 Firmware Version < 3.52
Schneider-electric ≫ 140cpu65160 Firmware Version < 3.52
Schneider-electric ≫ 140cpu65260 Firmware Version < 3.52
Schneider-electric ≫ 140cpu67261 Firmware Version < 3.52
Schneider-electric ≫ 140cpu67060 Firmware Version < 3.52
Schneider-electric ≫ 140cpu67160 Firmware Version < 3.52
Schneider-electric ≫ 140cpu67261 Firmware Version < 3.52
Schneider-electric ≫ 140cpu67260 Firmware Version < 3.52
Schneider-electric ≫ 140cpu65860 Firmware Version < 3.52
Schneider-electric ≫ 140cpu67861 Firmware Version < 3.52
Schneider-electric ≫ 140cpu65160s Firmware Version < 3.52
Schneider-electric ≫ 140cpu67160s Firmware Version < 3.52
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.39% | 0.57 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
CWE-754 Improper Check for Unusual or Exceptional Conditions
The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.