Vulnerabilities > CVE-2018-7849 - Improper Handling of Exceptional Conditions vulnerability in Schneider-Electric products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum and Modicon Premium which could cause a possible Denial of Service due to improper data integrity check when sending files the controller over Modbus.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 4 | |
| Hardware | 4 |
Common Weakness Enumeration (CWE)
Talos
| id | TALOS-2018-0737 |
| last seen | 2019-06-11 |
| published | 2019-06-10 |
| reporter | Talos Intelligence |
| source | http://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0737 |
| title | Schneider Electric Modicon M580 UMAS strategy transfer denial-of-service vulnerability |