CVE-2018-7759

7.5HIGH

Key Information:

Vendor: Schneider Electric
Status: Modicon M340, Modicon Premium, Modicon Quantum, Bmxnor0200
Vendor: CVE Published:; 18 April 2018

Summary

A buffer overflow vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. The buffer overflow vulnerability is caused by the length of the source string specified (instead of the buffer size) as the number of bytes to be copied.

Affected Version(s)

Modicon M340, Modicon Premium, Modicon Quantum, BMXNOR0200 All Modicon M340, Premium, Quantum PLCs and BMXNOR0200

References

https://www.schneider-electric.com/en/download/document/S...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 18, 2018
Vulnerability Reserved
Mar 8, 2018