A vulnerability, which was classified as problematic, was found in Modicon M340, Premium, Quantum PLC and BMXNOR0200 (SCADA Software) (the affected version unknown). Affected is an unknown part of the component Embedded Web Server. The manipulation as part of a POST Request leads to a unusual condition vulnerability. CWE is classifying the issue as CWE-754. The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product. This is going to have an impact on availability. CVE summarizes:

An Improper Check for Unusual or Exceptional Conditions vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 where an unauthenticated user can send a specially crafted XML data via a POST request to cause the web server to become unavailable

The bug was discovered 12/07/2018. The weakness was disclosed 12/17/2018 (Website). The advisory is available at schneider-electric.com. This vulnerability is traded as CVE-2018-7833 since 03/08/2018. The exploitability is told to be easy. It is possible to launch the attack remotely. The exploitation doesn't require any form of authentication. The technical details are unknown and an exploit is not available.

The vulnerability was handled as a non-public zero-day exploit for at least 10 days. During that time the estimated underground price was around $0-$5k.

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

The entries 127371, 127373, 127372 and 127374 are pretty similar.

Productinfo

Type

• SCADA Software

Vendor

• Modicon

Name

• BMXNOR0200
• M340
• Premium
• Quantum PLC

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion