CVE-2018-7851

CWE-119: Buffer errors vulnerability exists in Modicon M580 with firmware prior to V2.50, Modicon M340 with firmware prior to V3.01, BMxCRA312xx with firmware prior to V2.40, All firmware versions of Modicon Premium and 140CRA312xxx when sending a specially crafted Modbus packet, which could cause a denial of service to the device that would force a restart to restore availability.

CVSS v3.0 6.5 MEDIUM
CVSS v2.0 6.8 MEDIUM

6.5^/10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

6.8^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:S/C:N/I:N/A:C

Exploitability : 8.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
https://www.schneider-electric.com/en/download/document/SEVD-2019-134-10/	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:schneider-electric:m580_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:schneider-electric:modicon_m580_bmep582040:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmep582040h:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmep583020:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmep583040:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmep584040s:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmep581020:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmep582020:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmep585040:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmep582040s:-:::::::*
	cpe:2.3:h:schneider-electric:bmeh584040:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmep586040c:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmep586040:-:::::::*
	cpe:2.3:h:schneider-electric:bmeh586040:-:::::::*
	cpe:2.3:h:schneider-electric:bmeh586040c:-:::::::*
	cpe:2.3:h:schneider-electric:bmeh582040:-:::::::*
	cpe:2.3:h:schneider-electric:bmeh582040c:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmep584040:-:::::::*
	cpe:2.3:h:schneider-electric:bmeh584040c:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmep581020h:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmep582020h:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmep584020:-:::::::*
	cpe:2.3:h:schneider-electric:modicon_m580_bmep585040c:-:::::::*

Configuration 2 (hide)

AND

cpe:2.3:o:schneider-electric:m340_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:schneider-electric:bmxp3420302cl:-:::::::*
	cpe:2.3:h:schneider-electric:bmxp3420302h:-:::::::*
	cpe:2.3:h:schneider-electric:bmxp342020:-:::::::*
	cpe:2.3:h:schneider-electric:bmxp342020h:-:::::::*
	cpe:2.3:h:schneider-electric:bmxp342000:-:::::::*
	cpe:2.3:h:schneider-electric:bmxp3420102cl:-:::::::*
	cpe:2.3:h:schneider-electric:bmxp341000:-:::::::*
	cpe:2.3:h:schneider-electric:bmxp3420102:-:::::::*
	cpe:2.3:h:schneider-electric:bmxp3420302:-:::::::*
	cpe:2.3:h:schneider-electric:bmxp341000h:-:::::::*

Configuration 3 (hide)

AND

cpe:2.3:o:schneider-electric:bmx\/e_cra_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:schneider-electric:bmxcra31200:-:::::::*
	cpe:2.3:h:schneider-electric:bmxcra31210c:-:::::::*

Configuration 4 (hide)

AND

cpe:2.3:o:schneider-electric:modicon_premium_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:modicon_premium:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:schneider-electric:140cra312xxx_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:140cra312xxx:-:*:*:*:*:*:*:*

Information

Published : 2019-05-22 13:29

Updated : 2022-04-19 08:35

NVD link : CVE-2018-7851

Mitre link : CVE-2018-7851

JSON object : View

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Products Affected

schneider-electric

bmxp341000h
bmxp3420102cl
bmxp342000
modicon_m580_bmep582020
bmeh584040c
bmxp3420302
modicon_m580_bmep585040
bmxp342020h
modicon_premium_firmware
modicon_m580_bmep584040
bmeh586040
bmxp341000
bmx\/e_cra_firmware
modicon_m580_bmep585040c
modicon_m580_bmep582040s
140cra312xxx_firmware
bmxcra31210c
modicon_m580_bmep581020h
140cra312xxx
modicon_m580_bmep584040s
bmeh584040
bmxp3420302h
modicon_m580_bmep586040
bmeh582040
m340_firmware
modicon_m580_bmep582040
modicon_m580_bmep581020
modicon_m580_bmep582040h
m580_firmware
modicon_premium
bmxp3420102
modicon_m580_bmep584020
bmeh586040c
modicon_m580_bmep583040
bmxp342020
modicon_m580_bmep583020
bmeh582040c
modicon_m580_bmep586040c
modicon_m580_bmep582020h
bmxcra31200
bmxp3420302cl

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-10/", "name": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-10/", "tags": ["Vendor Advisory"], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "CWE-119: Buffer errors vulnerability exists in Modicon M580 with firmware prior to V2.50, Modicon M340 with firmware prior to V3.01, BMxCRA312xx with firmware prior to V2.40, All firmware versions of Modicon Premium and 140CRA312xxx when sending a specially crafted Modbus packet, which could cause a denial of service to the device that would force a restart to restore availability."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-119"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2018-7851", "ASSIGNER": "cybersecurity@schneider-electric.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "severity": "MEDIUM", "acInsufInfo": false, "impactScore": 6.9, "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}}, "publishedDate": "2019-05-22T20:29Z", "configurations": {"nodes": [{"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:schneider-electric:m580_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "2.50"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040h:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583020:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583040:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:schneider-electric:bmeh584040:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040c:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:schneider-electric:bmeh586040:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:schneider-electric:bmeh586040c:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:schneider-electric:bmeh582040:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:schneider-electric:bmeh582040c:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:schneider-electric:bmeh584040c:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020h:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020h:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584020:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040c:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:schneider-electric:m340_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "3.01"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:schneider-electric:bmxp3420302cl:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:schneider-electric:bmxp3420302h:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:schneider-electric:bmxp342020:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:schneider-electric:bmxp342020h:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:schneider-electric:bmxp342000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:schneider-electric:bmxp3420102cl:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:schneider-electric:bmxp341000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:schneider-electric:bmxp3420102:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:schneider-electric:bmxp3420302:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:schneider-electric:bmxp341000h:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:schneider-electric:bmx\\/e_cra_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "2.40"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:schneider-electric:bmxcra31200:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:schneider-electric:bmxcra31210c:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:schneider-electric:modicon_premium_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:schneider-electric:modicon_premium:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:schneider-electric:140cra312xxx_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:schneider-electric:140cra312xxx:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2022-04-19T15:35Z"}

6.5 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

6.8 /10

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

JSON object

Attach tags to CVE-2018-7851

6.5^/10

6.8^/10

Attach tags to `CVE-2018-7851`