CVE-2018-7788

CWE-2553 documents3 sources

Severity

6.5MEDIUM

EPSS

0.4%

top 38.35%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Schneider-electric Modicon Quantum Firmware

Timeline

PublishedMay 22

Latest updateMay 24

Description

A CWE-255 Credentials Management vulnerability exists in Modicon Quantum with firmware versions prior to V2.40. which could cause a Denial Of Service when using a Telnet connection.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

▶CVEListV5modicon_quantum_with_firmware_versions_prior_to_v2.40.Modicon Quantum with firmware versions prior to V2.40.

▶NVDschneider-electric/modicon_quantum_firmware< 2.40

Patches

Patch: www.schneider-electric.com ↗Patch: www.schneider-electric.com ↗

🔴Vulnerability Details

GHSA

GHSA-4pc3-f84w-r58f: A CWE-255 Credentials Management vulnerability exists in Modicon Quantum with firmware versions prior to V2↗2022-05-24

▶

CVEList

CVE-2018-7788: A CWE-255 Credentials Management vulnerability exists in Modicon Quantum with firmware versions prior to V2↗2019-05-22

▶