Risk | High |
Patch available | YES |
Number of vulnerabilities | 3 |
CVE-ID | CVE-2018-7240 CVE-2018-7241 CVE-2018-7242 |
CWE-ID | CWE-121 CWE-798 CWE-120 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software Subscribe |
Modicon X80 RTU Hardware solutions / Firmware Modicon M340 Hardware solutions / Firmware Modicon Quantum Hardware solutions / Firmware Modicon Premium Hardware solutions / Firmware |
Vendor | Schneider Electric |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
EUVDB-ID: #VU11291
Risk: High
CVSSv3.1: 7.6 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:W/RC:C]
CVE-ID: CVE-2018-7240
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to execute arbitrary code on the target system.
The weakness exists due to the FTP server does not limit the length of a command parameter. A remote attacker can supply specially crafted parameters, trigger stack-based buffer overflow and execute arbitrary code with elevated privileges.
NCCIC recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:
Modicon X80 RTU: All versions
Modicon M340: All versions
Modicon Quantum: All versions
Modicon Premium: All versions
External linkshttp://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Id=960143...
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU11292
Risk: Low
CVSSv3.1: 4.5 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:W/RC:C]
CVE-ID: CVE-2018-7241
CWE-ID:
CWE-798 - Use of Hard-coded Credentials
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to bypass security restrictions on the target system.
The weakness exists due to the FTP servers contain a hard-coded account. A remote attacker can bypass security restrictions and gain unauthorized access to the system.
NCCIC recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:
Modicon X80 RTU: All versions
Modicon M340: All versions
Modicon Quantum: All versions
Modicon Premium: All versions
External linkshttp://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Id=960143...
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU11295
Risk: Low
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:W/RC:C]
CVE-ID: CVE-2018-7242
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.
The weakness exists due to the FTP server does not limit the length of a command parameter. A remote attacker can supply specially crafted parameters, trigger buffer overflow and cause the service to crash.
NCCIC recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:
Modicon X80 RTU: All versions
Modicon M340: All versions
Modicon Quantum: All versions
Modicon Premium: All versions
External linkshttp://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Id=960143...
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.