CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-7833

An Improper Check for Unusual or Exceptional Conditions vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 where an unauthenticated user can send a specially crafted XML data via a POST request to cause the web server to become unavailable

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 66.6%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

Products affected by CVE-2018-7833

Schneider-Electric » Modicom Bmxnor0200h » Version: N/A

cpe:2.3:h:schneider-electric:modicom_bmxnor0200h:-
Schneider-Electric » Modicom M340 » Version: N/A

cpe:2.3:h:schneider-electric:modicom_m340:-
Schneider-Electric » Modicom Premium » Version: N/A

cpe:2.3:h:schneider-electric:modicom_premium:-
Schneider-Electric » Modicom Quantum » Version: N/A

cpe:2.3:h:schneider-electric:modicom_quantum:-
Schneider-Electric » Modicom Bmxnor0200h Firmware » Version: N/A

cpe:2.3:o:schneider-electric:modicom_bmxnor0200h_firmware:-
Schneider-Electric » Modicom M340 Firmware » Version: N/A

cpe:2.3:o:schneider-electric:modicom_m340_firmware:-
Schneider-Electric » Modicom Premium Firmware » Version: N/A

cpe:2.3:o:schneider-electric:modicom_premium_firmware:-
Schneider-Electric » Modicom Quantum Firmware » Version: N/A

cpe:2.3:o:schneider-electric:modicom_quantum_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-7833

Products

Pricing

Contact Us