CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-7809

An Unverified Password Change vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 which could allow an unauthenticated remote user to access the password delete function of the web server.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.023

EPSS Ranking 84.0%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 6.4

References

Products affected by CVE-2018-7809

Schneider-Electric » Modicom Bmxnor0200h » Version: N/A

cpe:2.3:h:schneider-electric:modicom_bmxnor0200h:-
Schneider-Electric » Modicom M340 » Version: N/A

cpe:2.3:h:schneider-electric:modicom_m340:-
Schneider-Electric » Modicom Premium » Version: N/A

cpe:2.3:h:schneider-electric:modicom_premium:-
Schneider-Electric » Modicom Quantum » Version: N/A

cpe:2.3:h:schneider-electric:modicom_quantum:-
Schneider-Electric » Modicom Bmxnor0200h Firmware » Version: N/A

cpe:2.3:o:schneider-electric:modicom_bmxnor0200h_firmware:-
Schneider-Electric » Modicom M340 Firmware » Version: N/A

cpe:2.3:o:schneider-electric:modicom_m340_firmware:-
Schneider-Electric » Modicom Premium Firmware » Version: N/A

cpe:2.3:o:schneider-electric:modicom_premium_firmware:-
Schneider-Electric » Modicom Quantum Firmware » Version: N/A

cpe:2.3:o:schneider-electric:modicom_quantum_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-7809

Products

Pricing

Contact Us