Buffer overflow in Schneider-electric 140cpu31110

CVE-2018-7240

A vulnerability exists in Schneider Electric's Modicon Quantum in all versions of the communication modules which could allow arbitrary code execution. An FTP command used to upgrade the firmware of the module can be misused to cause a den…

Vulnerability class: Buffer Overflow

EPSS: 0.033 (87.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2018-7240?
CVE-2018-7240 is a high-severity vulnerability in Schneider-electric 140cpu31110, classified under Out-of-bounds Write. CVSS score: 8.8/10. Published 2018-04-18.
How severe is CVE-2018-7240?
High severity. CVSS v3 base score is 8.8 out of 10.