CVE-2018-7794

Summary

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions) which could cause a Denial of Service when reading data with invalid index using Modbus TCP.

Affected Software

VendorProductVersion RangeStatus
Schneider Electric SEModicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions)Modicon M580affected
Schneider Electric SEModicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions)Modicon M340affected
Schneider Electric SEModicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions)Modicon Quantumaffected
Schneider Electric SEModicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions)Modicon Premium (see security notification for specific versions)affected

Weaknesses

  • CWE-754: CWE-754: Improper Check for Unusual or Exceptional Conditions

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References