CVE-2018-7847

CVE-2018-7847

EPSS 3.8%

A CWE-284: Improper Access Control vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause denial of service or potential code execution by overwriting configuration settings of the controller over Modbus.

Productos afectados

n/a · Modicon M580 Modicon M340 Modicon Quantum Modicon Premium

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0742 https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0743