CVE-2018-7851: Buffer Overflow
First published: Wed May 22 2019(Updated: )
CWE-119: Buffer errors vulnerability exists in Modicon M580 with firmware prior to V2.50, Modicon M340 with firmware prior to V3.01, BMxCRA312xx with firmware prior to V2.40, All firmware versions of Modicon Premium and 140CRA312xxx when sending a specially crafted Modbus packet, which could cause a denial of service to the device that would force a restart to restore availability.
Credit: cybersecurity@se.com cybersecurity@se.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Schneider-electric M580 Firmware | <2.50 | |
| Schneider-electric Bmeh582040 | ||
| Schneider-electric Bmeh582040c | ||
| Schneider-electric Bmeh584040 | ||
| Schneider-electric Bmeh584040c | ||
| Schneider-electric Bmeh586040 | ||
| Schneider-electric Bmeh586040c | ||
| Schneider-electric Modicon M580 Bmep581020 | ||
| Schneider-electric Modicon M580 Bmep581020h | ||
| Schneider-electric Modicon M580 Bmep582020 | ||
| Schneider-electric Modicon M580 Bmep582020h | ||
| Schneider-electric Modicon M580 Bmep582040 | ||
| Schneider-electric Modicon M580 Bmep582040h | ||
| Schneider-electric Modicon M580 Bmep582040s | ||
| Schneider-electric Modicon M580 Bmep583020 | ||
| Schneider-electric Modicon M580 Bmep583040 | ||
| Schneider-electric Modicon M580 Bmep584020 | ||
| Schneider-electric Modicon M580 Bmep584040 | ||
| Schneider-electric Modicon M580 Bmep584040s | ||
| Schneider-electric Modicon M580 Bmep585040 | ||
| Schneider-electric Modicon M580 Bmep585040c | ||
| Schneider-electric Modicon M580 Bmep586040 | ||
| Schneider-electric Modicon M580 Bmep586040c | ||
| Schneider-electric M340 Firmware | <3.01 | |
| Schneider-electric Bmxp341000 | ||
| Schneider-electric Bmxp341000h | ||
| Schneider-electric Bmxp342000 | ||
| Schneider-electric Bmxp3420102 | ||
| Schneider-electric Bmxp3420102cl | ||
| Schneider-electric Bmxp342020 | ||
| Schneider-electric Bmxp342020h | ||
| Schneider-electric Bmxp3420302 | ||
| Schneider-electric Bmxp3420302cl | ||
| Schneider-electric Bmxp3420302h | ||
| Schneider-electric Bmx\/e Cra Firmware | <2.40 | |
| Schneider-electric Bmxcra31200 | ||
| Schneider-electric Bmxcra31210c | ||
| Schneider-electric Modicon Premium Firmware | ||
| Schneider-electric Modicon Premium | ||
| Schneider-electric 140cra312xxx Firmware | ||
| Schneider-electric 140cra312xxx | ||
| All of | ||
| Schneider-electric M580 Firmware | <2.50 | |
| Any of | ||
| Schneider-electric Bmeh582040 | ||
| Schneider-electric Bmeh582040c | ||
| Schneider-electric Bmeh584040 | ||
| Schneider-electric Bmeh584040c | ||
| Schneider-electric Bmeh586040 | ||
| Schneider-electric Bmeh586040c | ||
| Schneider-electric Modicon M580 Bmep581020 | ||
| Schneider-electric Modicon M580 Bmep581020h | ||
| Schneider-electric Modicon M580 Bmep582020 | ||
| Schneider-electric Modicon M580 Bmep582020h | ||
| Schneider-electric Modicon M580 Bmep582040 | ||
| Schneider-electric Modicon M580 Bmep582040h | ||
| Schneider-electric Modicon M580 Bmep582040s | ||
| Schneider-electric Modicon M580 Bmep583020 | ||
| Schneider-electric Modicon M580 Bmep583040 | ||
| Schneider-electric Modicon M580 Bmep584020 | ||
| Schneider-electric Modicon M580 Bmep584040 | ||
| Schneider-electric Modicon M580 Bmep584040s | ||
| Schneider-electric Modicon M580 Bmep585040 | ||
| Schneider-electric Modicon M580 Bmep585040c | ||
| Schneider-electric Modicon M580 Bmep586040 | ||
| Schneider-electric Modicon M580 Bmep586040c | ||
| All of | ||
| Schneider-electric M340 Firmware | <3.01 | |
| Any of | ||
| Schneider-electric Modicon M340 Bmxp341000 | ||
| Schneider-electric Modicon M340 Bmxp341000h | ||
| Schneider-electric Modicon M340 Bmxp342000 | ||
| Schneider-electric Modicon M340 Bmxp3420102 | ||
| Schneider-electric Modicon M340 Bmxp3420102cl | ||
| Schneider-electric Modicon M340 Bmxp342020 | ||
| Schneider-electric Modicon M340 Bmxp342020h | ||
| Schneider-electric Modicon M340 Bmxp3420302 | ||
| Schneider-electric Modicon M340 Bmxp3420302cl | ||
| Schneider-electric Modicon M340 Bmxp3420302h | ||
| All of | ||
| Schneider-electric Bmx\/e Cra Firmware | <2.40 | |
| Any of | ||
| Schneider-electric Bmxcra31200 | ||
| Schneider-electric Bmxcra31210c | ||
| All of | ||
| Schneider-electric Modicon Premium Firmware | ||
| Schneider-electric Modicon Premium | ||
| All of | ||
| Schneider-electric 140cra312xxx Firmware | ||
| Schneider-electric 140cra312xxx |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2018-7851.
What is the severity of CVE-2018-7851?
The severity of CVE-2018-7851 is medium with a CVSS score of 6.5.
Which software is affected by CVE-2018-7851?
CVE-2018-7851 affects Modicon M580 with firmware prior to V2.50, Modicon M340 with firmware prior to V3.01, BMxCRA312xx with firmware prior to V2.40, and all firmware versions of Modicon Premium and 140CRA312xxx.
How can I fix CVE-2018-7851?
To fix CVE-2018-7851, it is recommended to update the firmware of the affected devices to V2.50 or later for Modicon M580, V3.01 or later for Modicon M340, V2.40 or later for BMxCRA312xx, and the latest version available for Modicon Premium and 140CRA312xxx.
Where can I find more information about CVE-2018-7851?
You can find more information about CVE-2018-7851 in the Schneider Electric Security Advisory SEVD-2019-134-10.
- collector/nvd-index
- agent/type
- agent/first-publish-date
- agent/author
- agent/severity
- agent/references
- agent/last-modified-date
- agent/weakness
- agent/description
- agent/event
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/tags
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- vendor/schneider-electric
- canonical/schneider-electric m580 firmware
- canonical/schneider-electric bmeh582040
- canonical/schneider-electric bmeh582040c
- canonical/schneider-electric bmeh584040
- canonical/schneider-electric bmeh584040c
- canonical/schneider-electric bmeh586040
- canonical/schneider-electric bmeh586040c
- canonical/schneider-electric modicon m580 bmep581020
- canonical/schneider-electric modicon m580 bmep581020h
- canonical/schneider-electric modicon m580 bmep582020
- canonical/schneider-electric modicon m580 bmep582020h
- canonical/schneider-electric modicon m580 bmep582040
- canonical/schneider-electric modicon m580 bmep582040h
- canonical/schneider-electric modicon m580 bmep582040s
- canonical/schneider-electric modicon m580 bmep583020
- canonical/schneider-electric modicon m580 bmep583040
- canonical/schneider-electric modicon m580 bmep584020
- canonical/schneider-electric modicon m580 bmep584040
- canonical/schneider-electric modicon m580 bmep584040s
- canonical/schneider-electric modicon m580 bmep585040
- canonical/schneider-electric modicon m580 bmep585040c
- canonical/schneider-electric modicon m580 bmep586040
- canonical/schneider-electric modicon m580 bmep586040c
- canonical/schneider-electric m340 firmware
- canonical/schneider-electric bmxp341000
- canonical/schneider-electric bmxp341000h
- canonical/schneider-electric bmxp342000
- canonical/schneider-electric bmxp3420102
- canonical/schneider-electric bmxp3420102cl
- canonical/schneider-electric bmxp342020
- canonical/schneider-electric bmxp342020h
- canonical/schneider-electric bmxp3420302
- canonical/schneider-electric bmxp3420302cl
- canonical/schneider-electric bmxp3420302h
- canonical/schneider-electric bmx\/e cra firmware
- canonical/schneider-electric bmxcra31200
- canonical/schneider-electric bmxcra31210c
- canonical/schneider-electric modicon premium firmware
- canonical/schneider-electric modicon premium
- canonical/schneider-electric 140cra312xxx firmware
- canonical/schneider-electric 140cra312xxx
- canonical/schneider-electric modicon m340 bmxp341000
- canonical/schneider-electric modicon m340 bmxp341000h
- canonical/schneider-electric modicon m340 bmxp342000
- canonical/schneider-electric modicon m340 bmxp3420102
- canonical/schneider-electric modicon m340 bmxp3420102cl
- canonical/schneider-electric modicon m340 bmxp342020
- canonical/schneider-electric modicon m340 bmxp342020h
- canonical/schneider-electric modicon m340 bmxp3420302
- canonical/schneider-electric modicon m340 bmxp3420302cl
- canonical/schneider-electric modicon m340 bmxp3420302h