ID CVE-2018-7843
概要 A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause denial of service when reading memory blocks with an invalid data size or with an invalid data offset in the controller over Modbus.
参考情報
影響を受ける設定
  • cpe:2.3:o:schneider-electric:modicon_m580_firmware
    cpe:2.3:o:schneider-electric:modicon_m580_firmware
  • cpe:2.3:h:schneider-electric:modicon_m580
    cpe:2.3:h:schneider-electric:modicon_m580
  • cpe:2.3:o:schneider-electric:modicon_m340_firmware
    cpe:2.3:o:schneider-electric:modicon_m340_firmware
  • cpe:2.3:h:schneider-electric:modicon_m340
    cpe:2.3:h:schneider-electric:modicon_m340
  • cpe:2.3:o:schneider-electric:modicon_quantum_firmware
    cpe:2.3:o:schneider-electric:modicon_quantum_firmware
  • cpe:2.3:h:schneider-electric:modicon_quantum
    cpe:2.3:h:schneider-electric:modicon_quantum
  • cpe:2.3:o:schneider-electric:modicon_premium_firmware
    cpe:2.3:o:schneider-electric:modicon_premium_firmware
  • cpe:2.3:h:schneider-electric:modicon_premium
    cpe:2.3:h:schneider-electric:modicon_premium
CVSS
Base: 5.0
Impact: -
Exploitability:-
CWE CWE-399
CAPEC
refmap via4
misc https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/
更新日時 22-05-2019 - 16:29
公開日時 22-05-2019 - 16:29
更改日時 10-06-2019 - 13:29
Back to Top