CVE-2018-7850

Published: May 22, 2019Modified: Nov 21, 2024

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

A CWE-807: Reliance on Untrusted Inputs in a Security Decision vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause invalid information displayed in Unity Pro software.

Affected (4)

Products: Schneider Electric: Modicon M580 Firmware, Modicon M340 Firmware, Modicon Quantum Firmware, Modicon Premium Firmware

Schneider Electric

4 products

Modicon M580 Firmware

Modicon M340 Firmware

Modicon Quantum Firmware

Modicon Premium Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Modicon M580 Firmware	All versions

Running on/with	Platform Versions
Schneider Electric Modicon M580	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Modicon M340 Firmware	All versions

Running on/with	Platform Versions
Schneider Electric Modicon M340	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Modicon Quantum Firmware	All versions

Running on/with	Platform Versions
Schneider Electric Modicon Quantum	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Modicon Premium Firmware	All versions

Running on/with	Platform Versions
Schneider Electric Modicon Premium	All versions

References (4)

https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/

Source: cybersecurity@se.com

Vendor Advisory

https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0743

Source: cybersecurity@se.com

Third Party Advisory

https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0743

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.