Multiple vulnerabilities in Schneider Electric Modicon Controllers
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2018-7794 CVE-2019-6856 |
| CWE-ID | N/A |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Modicon M580 Hardware solutions / Firmware Modicon M340 Hardware solutions / Firmware Modicon Premium Hardware solutions / Firmware Modicon Quantum Hardware solutions / Firmware |
| Vendor | Schneider Electric |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Improper Check for Unusual or Exceptional Conditions
EUVDB-ID: #VU24374
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-7794
CWE-ID: N/A
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper check for unusual or exceptional conditions. A remote attacker can cause a denial of service condition when reading data with invalid index using Modbus TCP.
Install updates from vendor's website.
Vulnerable software versionsModicon M580: 1.04 - 2.50
Modicon M340: before 3.01
Modicon Premium: before 3.20
Modicon Quantum: before 3.52
External linkshttp://www.se.com/ww/en/download/document/SEVD-2019-344-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Improper Check for Unusual or Exceptional Conditions
EUVDB-ID: #VU24373
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-6856
CWE-ID: N/A
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper check for unusual or exceptional conditions. A remote attacker can cause a denial of service condition when writing specific physical memory blocks using Modbus TCP.
MitigationInstall updates from vendor's website.
Vulnerable software versionsModicon M580: 1.04 - 2.50
Modicon M340: before 3.01
Modicon Premium: before 3.20
Modicon Quantum: before 3.52
External linkshttp://www.se.com/ww/en/download/document/SEVD-2019-344-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
