Buffer overflow in Schneider-electric 140cra312xxx
CVE-2018-7851
CWE-119: Buffer errors vulnerability exists in Modicon M580 with firmware prior to V2.50, Modicon M340 with firmware prior to V3.01, BMxCRA312xx with firmware prior to V2.40, All firmware versions of Modicon Premium and 140CRA312xxx when s…
Vulnerability class: Buffer Overflow
EPSS: 0.012 (64.0th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H.
Affected products
- Schneider-electric 140cra312xxx
- Schneider-electric 140cra312xxx_firmware
- Schneider-electric Bmeh582040
- Schneider-electric Bmeh582040c
- Schneider-electric Bmeh584040
- Schneider-electric Bmeh584040c
- Schneider-electric Bmeh586040
- Schneider-electric Bmeh586040c
- Schneider-electric Bmxcra31200
- Schneider-electric Bmxcra31210c
Weakness classification (CWE)
References
- cybersecurity@se.com (x_refsource_MISC, Vendor Advisory)
Frequently asked questions
- What is CVE-2018-7851?
- CVE-2018-7851 is a medium-severity vulnerability in Schneider-electric 140cra312xxx, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. CVSS score: 6.5/10. Published 2019-05-22.
- How severe is CVE-2018-7851?
- Medium severity. CVSS v3 base score is 6.5 out of 10.