CVE-2018-7762
high-risk
Published 2018-04-18
A vulnerability exists in the web services to process SOAP requests in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow result in a buffer overflow.
Do I need to act?
-
0.82% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10
High
NETWORK
/ LOW complexity
Affected Products (20)
Bmxnor0200 Firmware
Bmxnor0200H Firmware
140Cpu31110 Firmware
140Cpu43412U Firmware
140Cpu65160 Firmware
140Cpu65260 Firmware
140Cpu65860 Firmware
140Cpu65160S Firmware
140Cpu65150C Firmware
140Cpu31110C Firmware
140Cpu43412Uc Firmware
140Cpu65160C Firmware
140Cpu65260C Firmware
140Cpu65860C Firmware
Modicon M340 Bmxp3420102Cl Firmware
Affected Vendors
References (2)
55
/ 100
high-risk
Severity
26/34 · High
Exploitability
3/34 · Minimal
Exposure
26/34 · High