CVE-2018-7838

EPSS 1.1%CWE-119

Vexday Risk Score

3Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS —EPSS 1.1%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

15 jul 2019Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

A CWE-119 Buffer Errors vulnerability exists in Modicon M580 CPU - BMEP582040, all versions before V2.90, and Modicon Ethernet Module BMENOC0301, all versions before V2.16, which could cause denial of service on the FTP service of the controller or the Ethernet BMENOC module when it receives a FTP CWD command with a data length greater than 1020 bytes. A power cycle is then needed to reactivate the FTP service.

Productos afectados

Modicon · Modicon M580 CPU - BMEP582040 all versions before V2.90 and Modicon Ethernet Module BMENOC0301 all versions before V2.16

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://www.schneider-electric.com/ww/en/download/document/SEVD-2019-190-03