Sign-up

ID

VAR-201905-1027


CVE

CVE-2018-7845


TITLE

plural Modicon Product out-of-bounds vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-015478

DESCRIPTION

A CWE-125: Out-of-bounds Read vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause the disclosure of unexpected data from the controller when reading specific memory blocks in the controller over Modbus. plural Modicon The product contains an out-of-bounds vulnerability.Information may be obtained. Schneider Electric Modicon M580 and other products are products of Schneider Electric (France). Schneider Electric Modicon M580 is a programmable automation controller. Schneider Electric Modicon Premium is a large programmable logic controller (PLC) for discrete or process applications. Schneider Electric Modicon Quantum is a large programmable logic controller (PLC) for process applications, high availability and safety solutions. Multiple Schneider Electric products have buffer overflow vulnerabilities that could be exploited by an attacker to cause a buffer overflow or heap overflow. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. The following products and versions are affected: Schneider Electric Modicon M580 (all versions); Modicon M340 (all versions); Modicon Quantum (all versions); Modicon Premium (all versions)

Trust: 2.52

sources: NVD: CVE-2018-7845 // JVNDB: JVNDB-2018-015478 // CNVD: CNVD-2019-34829 // IVD: 292a6af5-a48a-4485-a9c5-805cc5bd52e0 // VULHUB: VHN-137877 // VULMON: CVE-2018-7845

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: 292a6af5-a48a-4485-a9c5-805cc5bd52e0 // CNVD: CNVD-2019-34829

AFFECTED PRODUCTS

vendor:schneider electricmodel:modicon premiumscope:eqversion:*

Trust: 1.0

vendor:schneider electricmodel:modicon quantumscope:eqversion:*

Trust: 1.0

vendor:schneider electricmodel:modicon m580scope:eqversion:*

Trust: 1.0

vendor:schneider electricmodel:modicon m340scope:eqversion:*

Trust: 1.0

vendor:schneider electricmodel:modicon m340scope: - version: -

Trust: 0.8

vendor:schneider electricmodel:modicon m580scope: - version: -

Trust: 0.8

vendor:schneider electricmodel:modicon premium plcscope: - version: -

Trust: 0.8

vendor:schneider electricmodel:modicon quantum plcscope: - version: -

Trust: 0.8

vendor:schneidermodel:electric modicon m340scope: - version: -

Trust: 0.6

vendor:schneidermodel:electric modicon m580scope: - version: -

Trust: 0.6

vendor:schneidermodel:electric modicon premiumscope: - version: -

Trust: 0.6

vendor:schneidermodel:electric modicon quantumscope: - version: -

Trust: 0.6

vendor:modicon m580model: - scope:eqversion:*

Trust: 0.2

vendor:modicon m340model: - scope:eqversion:*

Trust: 0.2

vendor:modicon quantummodel: - scope:eqversion:*

Trust: 0.2

vendor:modicon premiummodel: - scope:eqversion:*

Trust: 0.2

sources: IVD: 292a6af5-a48a-4485-a9c5-805cc5bd52e0 // CNVD: CNVD-2019-34829 // JVNDB: JVNDB-2018-015478 // NVD: CVE-2018-7845

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-7845
value: HIGH

Trust: 1.0

NVD: CVE-2018-7845
value: HIGH

Trust: 0.8

CNVD: CNVD-2019-34829
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201905-918
value: HIGH

Trust: 0.6

IVD: 292a6af5-a48a-4485-a9c5-805cc5bd52e0
value: HIGH

Trust: 0.2

VULHUB: VHN-137877
value: MEDIUM

Trust: 0.1

VULMON: CVE-2018-7845
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-7845
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2019-34829
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 292a6af5-a48a-4485-a9c5-805cc5bd52e0
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-137877
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-7845
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2018-7845
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: IVD: 292a6af5-a48a-4485-a9c5-805cc5bd52e0 // CNVD: CNVD-2019-34829 // VULHUB: VHN-137877 // VULMON: CVE-2018-7845 // JVNDB: JVNDB-2018-015478 // CNNVD: CNNVD-201905-918 // NVD: CVE-2018-7845

PROBLEMTYPE DATA

problemtype:CWE-125

Trust: 1.9

sources: VULHUB: VHN-137877 // JVNDB: JVNDB-2018-015478 // NVD: CVE-2018-7845

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201905-918

TYPE

Buffer error

Trust: 0.8

sources: IVD: 292a6af5-a48a-4485-a9c5-805cc5bd52e0 // CNNVD: CNNVD-201905-918

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-015478

PATCH
title:SEVD-2019-134-11url:https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/
Trust: 0.8
title: - url:https://github.com/yanissec/CVE-2018-7845 
Trust: 0.1
sources:
            
            
            VULMON: CVE-2018-7845 // 
            
            
            
            JVNDB: JVNDB-2018-015478

EXTERNAL IDS
db:NVDid:CVE-2018-7845
Trust: 3.4
db:TALOSid:TALOS-2018-0745
Trust: 1.8
db:SCHNEIDERid:SEVD-2019-134-11
Trust: 1.8
db:CNNVDid:CNNVD-201905-918
Trust: 0.9
db:CNVDid:CNVD-2019-34829
Trust: 0.8
db:JVNDBid:JVNDB-2018-015478
Trust: 0.8
db:IVDid:292A6AF5-A48A-4485-A9C5-805CC5BD52E0
Trust: 0.2
db:VULHUBid:VHN-137877
Trust: 0.1
db:VULMONid:CVE-2018-7845
Trust: 0.1
sources:
            
            
            IVD: 292a6af5-a48a-4485-a9c5-805cc5bd52e0 // 
            
            
            
            CNVD: CNVD-2019-34829 // 
            
            
            
            VULHUB: VHN-137877 // 
            
            
            
            VULMON: CVE-2018-7845 // 
            
            
            
            JVNDB: JVNDB-2018-015478 // 
            
            
            
            CNNVD: CNNVD-201905-918 // 
            
            
            
            NVD: CVE-2018-7845

REFERENCES
url:https://nvd.nist.gov/vuln/detail/cve-2018-7845
Trust: 2.0
url:https://www.schneider-electric.com/en/download/document/sevd-2019-134-11/
Trust: 1.8
url:https://www.talosintelligence.com/vulnerability_reports/talos-2018-0745
Trust: 1.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7845
Trust: 0.8
url:https://talosintelligence.com/vulnerability_reports/talos-2018-0745
Trust: 0.6
url:https://cwe.mitre.org/data/definitions/125.html
Trust: 0.1
url:https://github.com/yanissec/cve-2018-7845
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2019-34829 // 
            
            
            
            VULHUB: VHN-137877 // 
            
            
            
            VULMON: CVE-2018-7845 // 
            
            
            
            JVNDB: JVNDB-2018-015478 // 
            
            
            
            CNNVD: CNNVD-201905-918 // 
            
            
            
            NVD: CVE-2018-7845

CREDITS
Discovered by Jared Rittle of Cisco Talos.
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201905-918

SOURCES
db:IVDid:292a6af5-a48a-4485-a9c5-805cc5bd52e0
db:CNVDid:CNVD-2019-34829
db:VULHUBid:VHN-137877
db:VULMONid:CVE-2018-7845
db:JVNDBid:JVNDB-2018-015478
db:CNNVDid:CNNVD-201905-918
db:NVDid:CVE-2018-7845

LAST UPDATE DATE
2024-11-23T21:52:16.470000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2019-34829date:2019-10-12T00:00:00
db:VULHUBid:VHN-137877date:2019-06-10T00:00:00
db:VULMONid:CVE-2018-7845date:2022-02-03T00:00:00
db:JVNDBid:JVNDB-2018-015478date:2019-06-07T00:00:00
db:CNNVDid:CNNVD-201905-918date:2022-03-10T00:00:00
db:NVDid:CVE-2018-7845date:2024-11-21T04:12:52.027

SOURCES RELEASE DATE
db:IVDid:292a6af5-a48a-4485-a9c5-805cc5bd52e0date:2019-10-12T00:00:00
db:CNVDid:CNVD-2019-34829date:2019-10-11T00:00:00
db:VULHUBid:VHN-137877date:2019-05-22T00:00:00
db:VULMONid:CVE-2018-7845date:2019-05-22T00:00:00
db:JVNDBid:JVNDB-2018-015478date:2019-06-07T00:00:00
db:CNNVDid:CNNVD-201905-918date:2019-05-22T00:00:00
db:NVDid:CVE-2018-7845date:2019-05-22T20:29:01.620