CVE-2018-7240 : A vulnerability exists in Schneider Electric's Modicon Quantum in all versions o

A vulnerability exists in Schneider Electric's Modicon Quantum in all versions of the communication modules which could allow arbitrary code execution. An FTP command used to upgrade the firmware of the module can be misused to cause a denial of service, or in extreme cases, to load a malicious firmware.

Published 2018-04-18 20:29:00

Updated 2019-10-03 00:03:26

Source Schneider Electric SE

View at NVD, CVE.org

Vulnerability category: Memory CorruptionDenial of service

Products affected by CVE-2018-7240

Schneider-electric » 140cpu65150 Firmware » Version: N/A
cpe:2.3:o:schneider-electric:140cpu65150_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Schneider-electric » 140cpu65150 » Version: N/A
Schneider-electric » 140cpu31110 Firmware » Version: N/A
cpe:2.3:o:schneider-electric:140cpu31110_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Schneider-electric » 140cpu31110 » Version: N/A
Schneider-electric » 140cpu43412u Firmware » Version: N/A
cpe:2.3:o:schneider-electric:140cpu43412u_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Schneider-electric » 140cpu43412u » Version: N/A
Schneider-electric » 140cpu65160 Firmware » Version: N/A
cpe:2.3:o:schneider-electric:140cpu65160_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Schneider-electric » 140cpu65160 » Version: N/A
Schneider-electric » 140cpu65260 Firmware » Version: N/A
cpe:2.3:o:schneider-electric:140cpu65260_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Schneider-electric » 140cpu65260 » Version: N/A
Schneider-electric » 140cpu65860 Firmware » Version: N/A
cpe:2.3:o:schneider-electric:140cpu65860_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Schneider-electric » 140cpu65860 » Version: N/A
Schneider-electric » 140cpu65160s Firmware » Version: N/A
cpe:2.3:o:schneider-electric:140cpu65160s_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Schneider-electric » 140cpu65160s » Version: N/A
Schneider-electric » 140cpu65150c Firmware » Version: N/A
cpe:2.3:o:schneider-electric:140cpu65150c_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Schneider-electric » 140cpu65150c » Version: N/A
Schneider-electric » 140cpu31110c Firmware » Version: N/A
cpe:2.3:o:schneider-electric:140cpu31110c_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Schneider-electric » 140cpu31110c » Version: N/A
Schneider-electric » 140cpu43412uc Firmware » Version: N/A
cpe:2.3:o:schneider-electric:140cpu43412uc_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Schneider-electric » 140cpu43412uc » Version: N/A
Schneider-electric » 140cpu65160c Firmware » Version: N/A
cpe:2.3:o:schneider-electric:140cpu65160c_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Schneider-electric » 140cpu65160c » Version: N/A
Schneider-electric » 140cpu65260c Firmware » Version: N/A
cpe:2.3:o:schneider-electric:140cpu65260c_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Schneider-electric » 140cpu65260c » Version: N/A
Schneider-electric » 140cpu65860c Firmware » Version: N/A
cpe:2.3:o:schneider-electric:140cpu65860c_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Schneider-electric » 140cpu65860c » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2018-7240

EPSS FAQ

0.44%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 60 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2018-7240

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.5	MEDIUM	AV:N/AC:L/Au:S/C:P/I:P/A:P	8.0	6.4	NIST
Access Vector: Network Access Complexity: Low Authentication: Single Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
8.8	HIGH	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	2.8	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2018-7240

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2018-7240

https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01

Schneider Electric Modicon Premium, Modicon Quantum, Modicon M340, and Modicon BMXNOR0200 | CISA
Third Party Advisory;US Government Resource

CVEs referencing this url
http://www.securityfocus.com/bid/103541

Schneider Electric Modicon Quantum CVE-2018-7240 Remote Code Execution Vulnerability
Third Party Advisory;VDB Entry
https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/

Security Notification - Embedded FTP Servers for Modicon | Schneider Electric
Vendor Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2018-7240

Products affected by CVE-2018-7240

Exploit prediction scoring system (EPSS) score for CVE-2018-7240

CVSS scores for CVE-2018-7240

CWE ids for CVE-2018-7240

References for CVE-2018-7240