CVE-2018-7857
published 2019-05-22CVE-2018-7857: A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a possible Denial of Service when writing out of bounds variables to the controller over Modbus.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| schneider-electric | modicon_m340_firmware | < 3.01 | 3.01 |
| schneider-electric | modicon_m580_firmware | < 2.80 | 2.80 |
| schneider-electric | modicon_premium_firmware | < 3.20 | 3.20 |
| schneider-electric | modicon_quantum_firmware | < 3.60 | 3.60 |