Details of VAR-201907-1422

ID

VAR-201907-1422

CVE

CVE-2018-7838

TITLE

Modicon M580 CPU and Modicon Ethernet Module Buffer error vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-015892

DESCRIPTION

A CWE-119 Buffer Errors vulnerability exists in Modicon M580 CPU - BMEP582040, all versions before V2.90, and Modicon Ethernet Module BMENOC0301, all versions before V2.16, which could cause denial of service on the FTP service of the controller or the Ethernet BMENOC module when it receives a FTP CWD command with a data length greater than 1020 bytes. A power cycle is then needed to reactivate the FTP service. Modicon M580 CPU and Modicon Ethernet Module Contains a buffer error vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state

Trust: 1.62

sources: NVD: CVE-2018-7838 // JVNDB: JVNDB-2018-015892

AFFECTED PRODUCTS

vendor:	schneider electric	model:	bmenoc0301	scope:	lt	version:	2.16	Trust: 1.0
vendor:	schneider electric	model:	modicon m580 bmep582020	scope:	lt	version:	2.90	Trust: 1.0
vendor:	schneider electric	model:	modicon m580 bmep581020	scope:	lt	version:	2.90	Trust: 1.0
vendor:	schneider electric	model:	modicon m580 bmep584020	scope:	lt	version:	2.90	Trust: 1.0
vendor:	schneider electric	model:	modicon m580 bmep582040s	scope:	lt	version:	2.90	Trust: 1.0
vendor:	schneider electric	model:	bmeh586040	scope:	lt	version:	2.90	Trust: 1.0
vendor:	schneider electric	model:	modicon m580 bmep583040	scope:	lt	version:	2.90	Trust: 1.0
vendor:	schneider electric	model:	modicon m580 bmep586040	scope:	lt	version:	2.90	Trust: 1.0
vendor:	schneider electric	model:	modicon m580 bmep583020	scope:	lt	version:	2.90	Trust: 1.0
vendor:	schneider electric	model:	modicon m580 bmep585040	scope:	lt	version:	2.90	Trust: 1.0
vendor:	schneider electric	model:	modicon m580 bmep582040	scope:	lt	version:	2.90	Trust: 1.0
vendor:	schneider electric	model:	bmeh582040	scope:	lt	version:	2.90	Trust: 1.0
vendor:	schneider electric	model:	modicon m580 bmep584040	scope:	lt	version:	2.90	Trust: 1.0
vendor:	schneider electric	model:	bmeh586040	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	bmenoc0301	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	bmep581020	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	bmep582020	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	bmep582040	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	bmep583020	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	bmep583040	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	bmep584020	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	bmep584040	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	bmep586040	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2018-015892 // NVD: CVE-2018-7838

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2018-7838
value:	HIGH
Trust: 1.8
CNNVD:	CNNVD-201905-727
value:	HIGH
Trust: 0.6

NVD:	CVE-2018-7838
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8

NVD:	CVE-2018-7838
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2018-7838
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2018-015892 // CNNVD: CNNVD-201905-727 // NVD: CVE-2018-7838

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.8

sources: JVNDB: JVNDB-2018-015892 // NVD: CVE-2018-7838

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201905-727

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201905-727

CONFIGURATIONS

sources: NVD: CVE-2018-7838

PATCH

title:	SEVD-2019-190-03	url:	https://www.schneider-electric.com/ww/en/download/document/sevd-2019-190-03	Trust: 0.8
title:	Schneider Electric Modicon M580 CPU - BMEP582040 and Ethernet Module BMENOC0301 Buffer error vulnerability fix	url:	http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=96123	Trust: 0.6

sources: JVNDB: JVNDB-2018-015892 // CNNVD: CNNVD-201905-727

EXTERNAL IDS

db:	NVD	id:	CVE-2018-7838	Trust: 2.4
db:	SCHNEIDER	id:	SEVD-2019-190-03	Trust: 1.6
db:	JVNDB	id:	JVNDB-2018-015892	Trust: 0.8
db:	ICS CERT	id:	ICSA-19-136-01	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.1787	Trust: 0.6
db:	CNNVD	id:	CNNVD-201905-727	Trust: 0.6

sources: JVNDB: JVNDB-2018-015892 // CNNVD: CNNVD-201905-727 // NVD: CVE-2018-7838

REFERENCES

url:	https://www.schneider-electric.com/ww/en/download/document/sevd-2019-190-03	Trust: 1.6
url:	https://nvd.nist.gov/vuln/detail/cve-2018-7838	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7838	Trust: 0.8
url:	https://ics-cert.us-cert.gov/advisories/icsa-19-136-01	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.1787/	Trust: 0.6

sources: JVNDB: JVNDB-2018-015892 // CNNVD: CNNVD-201905-727 // NVD: CVE-2018-7838

CREDITS

David Formby and Raheem Beyah of Fortiphyd Logic and Georgia Tech reported this vulnerability to NCCIC.

Trust: 0.6

sources: CNNVD: CNNVD-201905-727

SOURCES

db:	JVNDB	id:	JVNDB-2018-015892
db:	CNNVD	id:	CNNVD-201905-727
db:	NVD	id:	CVE-2018-7838

LAST UPDATE DATE

2022-05-04T09:38:40.369000+00:00

SOURCES UPDATE DATE

db:	JVNDB	id:	JVNDB-2018-015892	date:	2019-08-01T00:00:00
db:	CNNVD	id:	CNNVD-201905-727	date:	2019-09-04T00:00:00
db:	NVD	id:	CVE-2018-7838	date:	2022-04-19T15:36:00

SOURCES RELEASE DATE

db:	JVNDB	id:	JVNDB-2018-015892	date:	2019-08-01T00:00:00
db:	CNNVD	id:	CNNVD-201905-727	date:	2019-05-16T00:00:00
db:	NVD	id:	CVE-2018-7838	date:	2019-07-15T21:15:00