Is CVE-2018-7846 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Modicon M580 M340 Quantum Premium

CVE-2018-7846

A CWE-501: Trust Boundary Violation vulnerability on connection to the Controller exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum and Modicon Premium which could cause unauthorized access by conducting a brute for…

EPSS: 0.632 (98.4th percentile) — read the EPSS interpretation.

Affected products

N/a Modicon M580 M340 Quantum Premium — versions Modicon M580 Modicon M340 Modicon Quantum Modicon Premium

Public proof-of-concept exploits

yanissec/CVE-2018-7846

References

www.schneider-electric.com/en/download/document/SEVD-2019-134-11/ (x_refsource_MISC)
www.talosintelligence.com/vulnerability_reports/TALOS-2018-0735 (x_refsource_MISC)

Frequently asked questions

What is CVE-2018-7846?: CVE-2018-7846 is a vulnerability in Modicon M580 M340 Quantum Premium. Published 2019-05-22.
Is CVE-2018-7846 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.