VDB

CVE-2018-7759

CVE-2018-7759 PUBLISHED CVSS 7.5 HIGH

A buffer overflow vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. The buffer overflow vulnerability is caused by the length of the source string specified (instead of the buffer size) as the number of bytes to be copied.

EPSS 0.82% · 74.8th percentile

Risk Scores

CVSS 3.0
7.5
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.82%
74.8th percentile

Affected Products

VendorProductVersions
schneider-electrictsxp574634m_firmware
schneider-electrictsxh5744m_firmware
schneider-electricmodicon_m340_bmxp3420102cl_firmware
schneider-electrictsxp576634m_firmware
schneider-electrictsxp57454m_firmware
schneider-electric140cpu65260c_firmware
schneider-electrictsxp57104m_firmware
schneider-electrictsxp57354m_firmware
schneider-electrictsxh5744mc_firmware
schneider-electrictsxp57104mc_firmware
schneider-electric140cpu65860_firmware
schneider-electrictsxp573634m_firmware
schneider-electrictsxp57554m_firmware
schneider-electrictsxp57154m_firmware
schneider-electrictsxp57354mc_firmware
schneider-electrictsxp57554mc_firmware
schneider-electric140cpu43412uc_firmware
schneider-electricmodicon_m340_bmxp342020h_firmware
schneider-electrictsxp573634mc_firmware
schneider-electrictsxp575634mc_firmware

…and 38 more

Exploit Intelligence

Timeline

  • Mar 23, 2018 CVE Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Aug 24, 2021 EPSS Score
  • Oct 26, 2021 EPSS Score
  • Dec 27, 2021 EPSS Score
  • Feb 28, 2022 EPSS Score
  • May 2, 2022 EPSS Score
  • Jul 3, 2022 EPSS Score
  • Nov 6, 2022 EPSS Score
  • Jan 8, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›