CVE-2018-7759 — Vulnetix

Try Vulnetix Request Demo

CVE-2018-7759 PUBLISHED CVSS 7.5 HIGH

A buffer overflow vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. The buffer overflow vulnerability is caused by the length of the source string specified (instead of the buffer size) as the number of bytes to be copied.

EPSS 0.82% · 74.3th percentile

Risk Scores

CVSS v3.0

7.5

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Score

0.82%

74.3th percentile

Affected Products

Vendor	Product	Versions
schneider-electric	tsxp574634m_firmware
schneider-electric	tsxh5744m_firmware
schneider-electric	modicon_m340_bmxp3420102cl_firmware
schneider-electric	tsxp576634m_firmware
schneider-electric	tsxp57454m_firmware
schneider-electric	140cpu65260c_firmware
schneider-electric	tsxp57104m_firmware
schneider-electric	tsxp57354m_firmware
schneider-electric	tsxh5744mc_firmware
schneider-electric	tsxp57104mc_firmware
schneider-electric	140cpu65860_firmware
schneider-electric	tsxp573634m_firmware
schneider-electric	tsxp57554m_firmware
schneider-electric	tsxp57154m_firmware
schneider-electric	tsxp57354mc_firmware
schneider-electric	tsxp57554mc_firmware
schneider-electric	140cpu43412uc_firmware
schneider-electric	modicon_m340_bmxp342020h_firmware
schneider-electric	tsxp573634mc_firmware
schneider-electric	tsxp575634mc_firmware

…and 38 more

Timeline

Mar 23, 2018 CVE Published
Apr 14, 2021 EPSS Score
Jun 22, 2021 EPSS Score
Aug 23, 2021 EPSS Score
Oct 24, 2021 EPSS Score
Dec 25, 2021 EPSS Score
Feb 25, 2022 EPSS Score
Apr 28, 2022 EPSS Score
Jun 29, 2022 EPSS Score
Nov 1, 2022 EPSS Score
Jan 2, 2023 EPSS Score
Mar 5, 2023 EPSS Score

References

Open in Interactive Console →