Vulnerabilities > CVE-2018-7854 - Improper Check for Unusual or Exceptional Conditions vulnerability in Schneider-Electric products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
A CWE-248 Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a denial of Service when sending invalid debug parameters to the controller over Modbus.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Talos
id | TALOS-2019-0765 |
last seen | 2019-06-10 |
published | 2019-06-10 |
reporter | Talos Intelligence |
source | http://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0765 |
title | Schneider Electric Modicon M580 UMAS function code 0x65 denial-of-service vulnerability |