What is the severity of CVE-2018-7824?

CVE-2018-7824 is considered a critical vulnerability due to its potential for unauthorized write access.

How do I fix CVE-2018-7824?

To fix CVE-2018-7824, update the Schneider Electric Modbus Serial Driver to version 3.17 or later for 64-bit systems and to version 2.17 or later for 32-bit systems.

What systems are affected by CVE-2018-7824?

CVE-2018-7824 affects Schneider Electric Modbus Serial Driver versions 3.17 and prior for 64-bit Windows and versions 2.17 and prior for 32-bit Windows.

What is the nature of CVE-2018-7824 vulnerability?

The nature of CVE-2018-7824 is an Externally Controlled Reference to a Resource, which may lead to unauthorized access and data manipulation.

Is there a workaround for CVE-2018-7824 if I can't update?

Currently, there are no officially documented workarounds for CVE-2018-7824; updating the driver is the recommended action.

Vulnerability/
CVE-2018-7824

medium

6.8

CWE

610

22/5/2019

5/8/2024

CVE-2018-7824

First published: Wed May 22 2019(Updated: )

An Externally Controlled Reference to a Resource (CWE-610) vulnerability exists in Schneider Electric Modbus Serial Driver (For 64-bit Windows OS:V3.17 IE 37 and prior , For 32-bit Windows OS:V2.17 IE 27 and prior, and as part of the Driver Suite version:V14.12 and prior) which could allow write access to system files available only to users with SYSTEM privilege or other important user files.

Credit: cybersecurity@se.com

Affected Software	Affected Version	How to fix
schneider-electric Modbus Driver suite	<=3.17
Microsoft Windows
schneider-electric Modbus Driver suite	<=2.17
Microsoft Windows
Schneider Electric Modbus Driver Suite	<=14.12

Remedy

https://www.schneider-electric.com/en/download/document/SEVD-2019-099-01/

Never miss a vulnerability like this again

Reference Links

https://www.schneider-electric.com/en/download/document/SEVD-2019-099-01/

Frequently Asked Questions

What is the severity of CVE-2018-7824?
CVE-2018-7824 is considered a critical vulnerability due to its potential for unauthorized write access.
How do I fix CVE-2018-7824?
To fix CVE-2018-7824, update the Schneider Electric Modbus Serial Driver to version 3.17 or later for 64-bit systems and to version 2.17 or later for 32-bit systems.
What systems are affected by CVE-2018-7824?
CVE-2018-7824 affects Schneider Electric Modbus Serial Driver versions 3.17 and prior for 64-bit Windows and versions 2.17 and prior for 32-bit Windows.
What is the nature of CVE-2018-7824 vulnerability?
The nature of CVE-2018-7824 is an Externally Controlled Reference to a Resource, which may lead to unauthorized access and data manipulation.
Is there a workaround for CVE-2018-7824 if I can't update?
Currently, there are no officially documented workarounds for CVE-2018-7824; updating the driver is the recommended action.

agent/type
collector/mitre-cve
source/MITRE
agent/references
agent/author
agent/severity
agent/weakness
agent/remedy
agent/last-modified-date
agent/description
agent/first-publish-date
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/schneider-electric
canonical/schneider-electric modbus driver suite
version/schneider-electric modbus driver suite/3.17
vendor/microsoft
canonical/microsoft windows
version/schneider-electric modbus driver suite/2.17
canonical/schneider electric modbus driver suite
version/schneider electric modbus driver suite/14.12

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.