CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-7524

Out-of-bounds Write vulnerability exists in Modicon M218 Logic Controller (V5.0.0.7 and prior) which could cause Denial of Service when sending specific crafted IPV4 packet to the controller: Sending a specific IPv4 protocol package to Schneider Electric Modicon M218 Logic Controller can cause IPv4 devices to go down. The device does not work properly and must be powered back on to return to normal.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 66.2%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

Products affected by CVE-2020-7524

Schneider-Electric » Modicon M218 » Version: N/A

cpe:2.3:h:schneider-electric:modicon_m218:-
Schneider-Electric » Modicon M218 Firmware » Version: N/A

cpe:2.3:o:schneider-electric:modicon_m218_firmware:-
Schneider-Electric » Modicon M218 Firmware » Version: 4.3

cpe:2.3:o:schneider-electric:modicon_m218_firmware:4.3
Schneider-Electric » Modicon M218 Firmware » Version: 5.0.0.7

cpe:2.3:o:schneider-electric:modicon_m218_firmware:5.0.0.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-7524

Products

Pricing

Contact Us