What is CVE-2018-7821?

CVE-2018-7821 is a high-severity vulnerability in Schneider-electric Modicon_m221, classified under Allocation of Resources Without Limits or Throttling. CVSS score: 7.5/10. Published 2019-05-22.

How severe is CVE-2018-7821?

High severity. CVSS v3 base score is 7.5 out of 10.

Is CVE-2018-7821 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Resource exhaustion in Schneider-electric Modicon_m221

CVE-2018-7821

An Environment (CWE-2) vulnerability exists in SoMachine Basic, all versions, and Modicon M221(all references, all versions prior to firmware V1.10.0.0) which could cause cycle time impact when flooding the M221 ethernet interface while th…

EPSS: 0.005 (67.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

Schneider-electric Modicon_m221
Schneider-electric Modicon_m221_firmware
Schneider-electric Somachine_basic
N/a Somachine Basic And Modicon M221, Basic, All Versions References, Prior To Firmware V1.10.0.0 — versions SoMachine Basic and Modicon M221, SoMachine Basic, all versions Modicon M221, all references, all versions prior to firmware V1.10.0.0

Weakness classification (CWE)

Public proof-of-concept exploits

n0-traces/cve_

References

cybersecurity@se.com (x_refsource_MISC, Vendor Advisory)

Frequently asked questions

What is CVE-2018-7821?: CVE-2018-7821 is a high-severity vulnerability in Schneider-electric Modicon_m221, classified under Allocation of Resources Without Limits or Throttling. CVSS score: 7.5/10. Published 2019-05-22.
How severe is CVE-2018-7821?: High severity. CVSS v3 base score is 7.5 out of 10.
Is CVE-2018-7821 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.