CVE-2018-7842
published 2019-05-22CVE-2018-7842: A CWE-290: Authentication Bypass by Spoofing vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which…
PriorityP265critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
35.04%
98.2th percentile
A CWE-290: Authentication Bypass by Spoofing vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause an elevation of privilege by conducting a brute force attack on Modbus parameters sent to the controller.
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Schneider Electric Modicon Controllers
cisa_ics·2025-04-24·CVSS 9.8
[CRITICAL] Schneider Electric Modicon Controllers
ICS Advisory
##
Schneider Electric Modicon Controllers
Release DateApril 24, 2025
Alert CodeICSA-25-114-01
Related topics:
Industrial Control System Vulnerabilities, Industrial Control Systems
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v3 10.0
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Schneider Electric
- Equipment: Modicon M580, Modicon M340, Modicon Premium, and Modicon Quantum
- Vulnerabilities: Trust Boundary Violation, Uncaught Exception, Exposure of Sensitive Information to an Unauthorized Actor, Authentication Bypass by Spoofing, Improper Access Control, Reliance on Untrusted Inputs in a Security Decision, Out-of-bounds Read
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities may risk execution of unsolici
GHSA
GHSA-36fw-7hg5-xv5p: A CWE-290: Authentication Bypass by Spoofing vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Prem
ghsa_unreviewed·2022-05-24
CVE-2018-7842 [CRITICAL] CWE-290 GHSA-36fw-7hg5-xv5p: A CWE-290: Authentication Bypass by Spoofing vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Prem
A CWE-290: Authentication Bypass by Spoofing vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause an elevation of privilege by conducting a brute force attack on Modbus parameters sent to the controller.
No detection rules found.
No public exploits indexed.
Talos
Vulnerability Spotlight: Multiple vulnerabilities in Schneider Electric Modicon M580
blogs_talos·2019-06-10·CVSS 9.8
[CRITICAL] Vulnerability Spotlight: Multiple vulnerabilities in Schneider Electric Modicon M580
## Vulnerability Spotlight: Multiple vulnerabilities in Schneider Electric Modicon M580
Jared Rittle of Cisco Talos discovered these vulnerabilities.
## Executive summary
There are several vulnerabilities in the Schneider Electric Modicon M580 that could lead to a variety of conditions, including denial of service and the disclosure of sensitive information. The Modicon M580 is the latest in Schneider Electric's Modicon line of programmable automation controllers. The majority of the bugs we will discuss exist in UMAS requests made while operating the hardware. In accordance with our coordinated disclosure policy, Cisco Talos worked with Schneider Electric to ensure that these issues are resolved and that an update is available for affected customers.
## Vulnerability details
Schneide
Talos
Vulnerability Spotlight: Multiple vulnerabilities in Schneider Electric Modicon M580
blogs_talos·2019-06-10·CVSS 9.8
[CRITICAL] Vulnerability Spotlight: Multiple vulnerabilities in Schneider Electric Modicon M580
Jared Rittle of Cisco Talos discovered these vulnerabilities.
### Executive summary
There are several vulnerabilities in the Schneider Electric Modicon M580 that could lead to a variety of conditions, including denial of service and the disclosure of sensitive information. The Modicon M580 is the latest in Schneider Electric's Modicon line of programmable automation controllers. The majority of the bugs we will discuss exist in UMAS requests made while operating the hardware.
In accordance with our coordinated disclosure policy, Cisco Talos worked with Schneider Electric to ensure that these issues are resolved and that an update is available for affected customers.
### Vulnerability details
Schneider Electric Modicon M580 UMAS release reservation denial-of-service vulnerability (TALO
arXiv
The Global State of Security in Industrial Control Systems: An Empirical Analysis of Vulnerabilities around the World
arxiv_fulltext·2021-11-27
The Global State of Security in Industrial Control Systems: An Empirical Analysis of Vulnerabilities around the World
The Global State of Security in Industrial Control Systems: An Empirical Analysis of Vulnerabilities around the World
Simon Daniel Duque Anton,
Daniel Fraunholz,
Daniel Krohmer,
Daniel Reti,
Daniel Schneider,
and Hans Dieter Schotten
This is a pre-print of a paper published in the IEEE Internet of Things Journal.
Please cite as: SD Duque Anton, D Fraunholz, D Krohmer, D Reti, D Schneider, and HD Schotten: The Global State of Security in Industrial Control Systems: An Empirical Analysis of Vulnerabilites around the World, IEEE Internet of Things Journal, May 2021
S. D. Duque Anton was with the German Research Center for Artificial Intelligence. He is now with the comlet Verteilte Systeme GmbH and with the University of Kaiserslautern.
D. Reti, D. Schneider and H. D. Schotten are with the G
2019-05-22
Published