Vulnerabilities > CVE-2020-7502 - Out-of-bounds Write vulnerability in Schneider-Electric Modicon M218 Firmware 4.3

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

schneider-electric

CWE-787

NVD

Published: 2020-06-16

Updated: 2022-01-31

Summary

A CWE-787: Out-of-bounds Write vulnerability exists in Modicon M218 Logic Controller (Firmware version 4.3 and prior), which may cause a Denial of Service when specific TCP/IP crafted packets are sent to the Modicon M218 Logic Controller.

Vulnerable Configurations

Part	Description	Count
OS	Schneider-Electric Schneider Electric Modicon M218 Firmware - Schneider Electric Modicon M218 Firmware 4.3	2
Hardware	Schneider-Electric Schneider Electric Modicon M218 -	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://www.se.com/ww/en/download/document/SEVD-2020-161-01