6.8
CVE-2018-7851
- EPSS 0.33%
- Published 22.05.2019 20:29:01
- Last modified 21.11.2024 04:12:52
- Source cybersecurity@se.com
- Teams watchlist Login
- Open Login
CWE-119: Buffer errors vulnerability exists in Modicon M580 with firmware prior to V2.50, Modicon M340 with firmware prior to V3.01, BMxCRA312xx with firmware prior to V2.40, All firmware versions of Modicon Premium and 140CRA312xxx when sending a specially crafted Modbus packet, which could cause a denial of service to the device that would force a restart to restore availability.
Data is provided by the National Vulnerability Database (NVD)
Schneider-electric ≫ M580 Firmware Version < 2.50
Schneider-electric ≫ Bmeh582040 Version-
Schneider-electric ≫ Bmeh582040c Version-
Schneider-electric ≫ Bmeh584040 Version-
Schneider-electric ≫ Bmeh584040c Version-
Schneider-electric ≫ Bmeh586040 Version-
Schneider-electric ≫ Bmeh586040c Version-
Schneider-electric ≫ Modicon M580 Bmep581020 Version-
Schneider-electric ≫ Modicon M580 Bmep581020h Version-
Schneider-electric ≫ Modicon M580 Bmep582020 Version-
Schneider-electric ≫ Modicon M580 Bmep582020h Version-
Schneider-electric ≫ Modicon M580 Bmep582040 Version-
Schneider-electric ≫ Modicon M580 Bmep582040h Version-
Schneider-electric ≫ Modicon M580 Bmep582040s Version-
Schneider-electric ≫ Modicon M580 Bmep583020 Version-
Schneider-electric ≫ Modicon M580 Bmep583040 Version-
Schneider-electric ≫ Modicon M580 Bmep584020 Version-
Schneider-electric ≫ Modicon M580 Bmep584040 Version-
Schneider-electric ≫ Modicon M580 Bmep584040s Version-
Schneider-electric ≫ Modicon M580 Bmep585040 Version-
Schneider-electric ≫ Modicon M580 Bmep585040c Version-
Schneider-electric ≫ Modicon M580 Bmep586040 Version-
Schneider-electric ≫ Modicon M580 Bmep586040c Version-
Schneider-electric ≫ Bmeh582040c Version-
Schneider-electric ≫ Bmeh584040 Version-
Schneider-electric ≫ Bmeh584040c Version-
Schneider-electric ≫ Bmeh586040 Version-
Schneider-electric ≫ Bmeh586040c Version-
Schneider-electric ≫ Modicon M580 Bmep581020 Version-
Schneider-electric ≫ Modicon M580 Bmep581020h Version-
Schneider-electric ≫ Modicon M580 Bmep582020 Version-
Schneider-electric ≫ Modicon M580 Bmep582020h Version-
Schneider-electric ≫ Modicon M580 Bmep582040 Version-
Schneider-electric ≫ Modicon M580 Bmep582040h Version-
Schneider-electric ≫ Modicon M580 Bmep582040s Version-
Schneider-electric ≫ Modicon M580 Bmep583020 Version-
Schneider-electric ≫ Modicon M580 Bmep583040 Version-
Schneider-electric ≫ Modicon M580 Bmep584020 Version-
Schneider-electric ≫ Modicon M580 Bmep584040 Version-
Schneider-electric ≫ Modicon M580 Bmep584040s Version-
Schneider-electric ≫ Modicon M580 Bmep585040 Version-
Schneider-electric ≫ Modicon M580 Bmep585040c Version-
Schneider-electric ≫ Modicon M580 Bmep586040 Version-
Schneider-electric ≫ Modicon M580 Bmep586040c Version-
Schneider-electric ≫ M340 Firmware Version < 3.01
Schneider-electric ≫ Modicon M340 Bmxp341000 Version-
Schneider-electric ≫ Modicon M340 Bmxp341000h Version-
Schneider-electric ≫ Modicon M340 Bmxp342000 Version-
Schneider-electric ≫ Modicon M340 Bmxp3420102 Version-
Schneider-electric ≫ Modicon M340 Bmxp3420102cl Version-
Schneider-electric ≫ Modicon M340 Bmxp342020 Version-
Schneider-electric ≫ Modicon M340 Bmxp342020h Version-
Schneider-electric ≫ Modicon M340 Bmxp3420302 Version-
Schneider-electric ≫ Modicon M340 Bmxp3420302cl Version-
Schneider-electric ≫ Modicon M340 Bmxp3420302h Version-
Schneider-electric ≫ Modicon M340 Bmxp341000h Version-
Schneider-electric ≫ Modicon M340 Bmxp342000 Version-
Schneider-electric ≫ Modicon M340 Bmxp3420102 Version-
Schneider-electric ≫ Modicon M340 Bmxp3420102cl Version-
Schneider-electric ≫ Modicon M340 Bmxp342020 Version-
Schneider-electric ≫ Modicon M340 Bmxp342020h Version-
Schneider-electric ≫ Modicon M340 Bmxp3420302 Version-
Schneider-electric ≫ Modicon M340 Bmxp3420302cl Version-
Schneider-electric ≫ Modicon M340 Bmxp3420302h Version-
Schneider-electric ≫ Bmx/e Cra Firmware Version < 2.40
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.33% | 0.555 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 6.8 | 8 | 6.9 |
AV:N/AC:L/Au:S/C:N/I:N/A:C
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.