Sign-up

ID

VAR-201905-1028


CVE

CVE-2018-7846


TITLE

plural Modicon Product Buffer error vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-015479

DESCRIPTION

A CWE-501: Trust Boundary Violation vulnerability on connection to the Controller exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum and Modicon Premium which could cause unauthorized access by conducting a brute force attack on Modbus protocol to the controller. plural Modicon Product Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Schneider Electric Modicon M580 and other products are products of Schneider Electric (France). Schneider Electric Modicon M580 is a programmable automation controller. Schneider Electric Modicon Premium is a large programmable logic controller (PLC) for discrete or process applications. Schneider Electric Modicon Quantum is a large programmable logic controller (PLC) for process applications, high availability and safety solutions. A buffer overflow vulnerability exists in several Schneider Electric products. Attackers can exploit this vulnerability to gain unauthorized access through brute force. The following products and versions are affected: Schneider Electric Modicon M580 (all versions); Modicon M340 (all versions); Modicon Quantum (all versions); Modicon Premium (all versions)

Trust: 2.52

sources: NVD: CVE-2018-7846 // JVNDB: JVNDB-2018-015479 // CNVD: CNVD-2019-45192 // IVD: 8a070701-fcba-4dd8-8631-fcec23c09a5b // VULHUB: VHN-137878 // VULMON: CVE-2018-7846

IOT TAXONOMY

category:['ICS', 'Network device']sub_category: -

Trust: 0.6

category:['ICS']sub_category: -

Trust: 0.2

sources: IVD: 8a070701-fcba-4dd8-8631-fcec23c09a5b // CNVD: CNVD-2019-45192

AFFECTED PRODUCTS

vendor:schneider electricmodel:modicon premiumscope:eqversion:*

Trust: 1.0

vendor:schneider electricmodel:modicon quantumscope:eqversion:*

Trust: 1.0

vendor:schneider electricmodel:modicon m580scope:eqversion:*

Trust: 1.0

vendor:schneider electricmodel:modicon m340scope:eqversion:*

Trust: 1.0

vendor:schneider electricmodel:modicon m340scope: - version: -

Trust: 0.8

vendor:schneider electricmodel:modicon m580scope: - version: -

Trust: 0.8

vendor:schneider electricmodel:modicon premium plcscope: - version: -

Trust: 0.8

vendor:schneider electricmodel:modicon quantum plcscope: - version: -

Trust: 0.8

vendor:schneidermodel:electric modicon m580scope: - version: -

Trust: 0.6

vendor:schneidermodel:electric modicon m340scope: - version: -

Trust: 0.6

vendor:schneidermodel:electric modicon quantumscope: - version: -

Trust: 0.6

vendor:schneidermodel:electric modicon premiumscope: - version: -

Trust: 0.6

vendor:modicon m580model: - scope:eqversion:*

Trust: 0.2

vendor:modicon m340model: - scope:eqversion:*

Trust: 0.2

vendor:modicon quantummodel: - scope:eqversion:*

Trust: 0.2

vendor:modicon premiummodel: - scope:eqversion:*

Trust: 0.2

sources: IVD: 8a070701-fcba-4dd8-8631-fcec23c09a5b // CNVD: CNVD-2019-45192 // JVNDB: JVNDB-2018-015479 // NVD: CVE-2018-7846

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-7846
value: CRITICAL

Trust: 1.0

NVD: CVE-2018-7846
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2019-45192
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201905-919
value: CRITICAL

Trust: 0.6

IVD: 8a070701-fcba-4dd8-8631-fcec23c09a5b
value: CRITICAL

Trust: 0.2

VULHUB: VHN-137878
value: MEDIUM

Trust: 0.1

VULMON: CVE-2018-7846
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-7846
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2019-45192
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 8a070701-fcba-4dd8-8631-fcec23c09a5b
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-137878
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-7846
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2018-7846
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: IVD: 8a070701-fcba-4dd8-8631-fcec23c09a5b // CNVD: CNVD-2019-45192 // VULHUB: VHN-137878 // VULMON: CVE-2018-7846 // JVNDB: JVNDB-2018-015479 // CNNVD: CNNVD-201905-919 // NVD: CVE-2018-7846

PROBLEMTYPE DATA

problemtype:CWE-668

Trust: 1.0

problemtype:CWE-119

Trust: 0.9

sources: VULHUB: VHN-137878 // JVNDB: JVNDB-2018-015479 // NVD: CVE-2018-7846

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201905-919

TYPE

Buffer error

Trust: 0.8

sources: IVD: 8a070701-fcba-4dd8-8631-fcec23c09a5b // CNNVD: CNNVD-201905-919

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-015479

PATCH
title:SEVD-2019-134-11url:https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2018-015479

EXTERNAL IDS
db:NVDid:CVE-2018-7846
Trust: 3.4
db:TALOSid:TALOS-2018-0735
Trust: 1.8
db:SCHNEIDERid:SEVD-2019-134-11
Trust: 1.8
db:CNNVDid:CNNVD-201905-919
Trust: 0.9
db:CNVDid:CNVD-2019-45192
Trust: 0.8
db:JVNDBid:JVNDB-2018-015479
Trust: 0.8
db:IVDid:8A070701-FCBA-4DD8-8631-FCEC23C09A5B
Trust: 0.2
db:VULHUBid:VHN-137878
Trust: 0.1
db:VULMONid:CVE-2018-7846
Trust: 0.1
sources:
            
            
            IVD: 8a070701-fcba-4dd8-8631-fcec23c09a5b // 
            
            
            
            CNVD: CNVD-2019-45192 // 
            
            
            
            VULHUB: VHN-137878 // 
            
            
            
            VULMON: CVE-2018-7846 // 
            
            
            
            JVNDB: JVNDB-2018-015479 // 
            
            
            
            CNNVD: CNNVD-201905-919 // 
            
            
            
            NVD: CVE-2018-7846

REFERENCES
url:https://nvd.nist.gov/vuln/detail/cve-2018-7846
Trust: 2.0
url:https://www.schneider-electric.com/en/download/document/sevd-2019-134-11/
Trust: 1.8
url:https://www.talosintelligence.com/vulnerability_reports/talos-2018-0735
Trust: 1.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7846
Trust: 0.8
url:https://talosintelligence.com/vulnerability_reports/talos-2018-0735
Trust: 0.6
url:https://cwe.mitre.org/data/definitions/668.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2019-45192 // 
            
            
            
            VULHUB: VHN-137878 // 
            
            
            
            VULMON: CVE-2018-7846 // 
            
            
            
            JVNDB: JVNDB-2018-015479 // 
            
            
            
            CNNVD: CNNVD-201905-919 // 
            
            
            
            NVD: CVE-2018-7846

CREDITS
Discovered by Jared Rittle of Cisco Talos.
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201905-919

SOURCES
db:IVDid:8a070701-fcba-4dd8-8631-fcec23c09a5b
db:CNVDid:CNVD-2019-45192
db:VULHUBid:VHN-137878
db:VULMONid:CVE-2018-7846
db:JVNDBid:JVNDB-2018-015479
db:CNNVDid:CNNVD-201905-919
db:NVDid:CVE-2018-7846

LAST UPDATE DATE
2024-11-23T21:52:12.386000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2019-45192date:2019-12-13T00:00:00
db:VULHUBid:VHN-137878date:2020-08-24T00:00:00
db:VULMONid:CVE-2018-7846date:2022-02-03T00:00:00
db:JVNDBid:JVNDB-2018-015479date:2019-06-07T00:00:00
db:CNNVDid:CNNVD-201905-919date:2022-03-10T00:00:00
db:NVDid:CVE-2018-7846date:2024-11-21T04:12:52.140

SOURCES RELEASE DATE
db:IVDid:8a070701-fcba-4dd8-8631-fcec23c09a5bdate:2019-12-13T00:00:00
db:CNVDid:CNVD-2019-45192date:2019-12-13T00:00:00
db:VULHUBid:VHN-137878date:2019-05-22T00:00:00
db:VULMONid:CVE-2018-7846date:2019-05-22T00:00:00
db:JVNDBid:JVNDB-2018-015479date:2019-06-07T00:00:00
db:CNNVDid:CNNVD-201905-919date:2019-05-22T00:00:00
db:NVDid:CVE-2018-7846date:2019-05-22T20:29:01.667