Vulnetix
Try Vulnetix Request Demo
CVE-2018-7838 PUBLISHED CVSS 7.800000190734863 HIGH

A CWE-119 Buffer Errors vulnerability exists in Modicon M580 CPU - BMEP582040, all versions before V2.90, and Modicon Ethernet Module BMENOC0301, all versions before V2.16, which could cause denial of service on the FTP service of the controller or the Ethernet BMENOC module when it receives a FTP CWD command with a data length greater than 1020 bytes. A power cycle is then needed to reactivate the FTP service.

EPSS 0.37% · 58.4th percentile

Risk Scores

CVSS v2.0
7.800000190734863
EPSS Score
0.37%
58.4th percentile

Affected Products

VendorProductVersions
schneider-electricmodicon_m580_bmep583040_firmware0
schneider-electricmodicon_m580_bmep583020_firmware0
schneider-electricmodicon_m580_bmep582040_firmware0
ModiconModicon M580 CPU - BMEP582040 all versions before V2.90 and Modicon Ethernet Module BMENOC0301 all versions before V2.16Modicon M580 CPU - BMEP582040 all versions before V2.90 and Modicon Ethernet Module BMENOC0301 all versions before V2.16
schneider-electricbmeh586040_firmware0
schneider-electricmodicon_m580_bmep581020_firmware0
schneider-electricbmeh582040_firmware0
schneider-electricmodicon_m580_bmep586040_firmware0
schneider-electricmodicon_m580_bmep582020_firmware0
schneider-electricmodicon_m580_bmep584020_firmware0
schneider-electricmodicon_m580_bmep585040_firmware0
schneider-electricbmenoc0301_firmware0
schneider-electricmodicon_m580_bmep584040_firmware0
schneider-electricmodicon_m580_bmep582040s_firmware0

Timeline

References

Open in Interactive Console →