Schneider Electric Modicon Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2018-7762)

high Tenable OT Security Plugin ID 501200

Synopsis

The remote OT asset is affected by a vulnerability.

Description

A vulnerability exists in the web services to process SOAP requests in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow result in a buffer overflow.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

Refer to the vendor advisory.

See Also

http://www.nessus.org/u?c46bd378

Plugin Details

Severity: High

ID: 501200

Version: 1.4

Type: remote

Family: Tenable.ot

Published: 6/29/2023

Updated: 11/30/2023

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2018-7762

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:schneider-electric:140cpu31110_firmware:-, cpe:/o:schneider-electric:140cpu31110c_firmware:-, cpe:/o:schneider-electric:140cpu43412u_firmware:-, cpe:/o:schneider-electric:140cpu43412uc_firmware:-, cpe:/o:schneider-electric:140cpu65150_firmware:-, cpe:/o:schneider-electric:140cpu65150c_firmware:-, cpe:/o:schneider-electric:140cpu65160_firmware:-, cpe:/o:schneider-electric:140cpu65160c_firmware:-, cpe:/o:schneider-electric:140cpu65160s_firmware:-, cpe:/o:schneider-electric:140cpu65260_firmware:-, cpe:/o:schneider-electric:140cpu65260c_firmware:-, cpe:/o:schneider-electric:140cpu65860_firmware:-, cpe:/o:schneider-electric:140cpu65860c_firmware:-, cpe:/o:schneider-electric:bmxp341000_firmware:-, cpe:/o:schneider-electric:bmxp341000h_firmware:-, cpe:/o:schneider-electric:bmxp342000_firmware:-, cpe:/o:schneider-electric:bmxp3420102_firmware:-, cpe:/o:schneider-electric:bmxp3420102cl_firmware:-, cpe:/o:schneider-electric:bmxp342020_firmware:-, cpe:/o:schneider-electric:bmxp342020h_firmware:-, cpe:/o:schneider-electric:bmxp3420302_firmware:-, cpe:/o:schneider-electric:bmxp3420302cl_firmware:-, cpe:/o:schneider-electric:bmxp3420302h_firmware:-, cpe:/o:schneider-electric:tsxh5724m_firmware:-, cpe:/o:schneider-electric:tsxh5724mc_firmware:-, cpe:/o:schneider-electric:tsxh5744m_firmware:-, cpe:/o:schneider-electric:tsxh5744mc_firmware:-, cpe:/o:schneider-electric:tsxp57104m_firmware:-, cpe:/o:schneider-electric:tsxp57104mc_firmware:-, cpe:/o:schneider-electric:tsxp57154m_firmware:-, cpe:/o:schneider-electric:tsxp57154mc_firmware:-, cpe:/o:schneider-electric:tsxp571634m_firmware:-, cpe:/o:schneider-electric:tsxp571634mc_firmware:-, cpe:/o:schneider-electric:tsxp57204m_firmware:-, cpe:/o:schneider-electric:tsxp57204mc_firmware:-, cpe:/o:schneider-electric:tsxp57254m_firmware:-, cpe:/o:schneider-electric:tsxp57254mc_firmware:-, cpe:/o:schneider-electric:tsxp572634m_firmware:-, cpe:/o:schneider-electric:tsxp572634mc_firmware:-, cpe:/o:schneider-electric:tsxp57304m_firmware:-, cpe:/o:schneider-electric:tsxp57304mc_firmware:-, cpe:/o:schneider-electric:tsxp57354m_firmware:-, cpe:/o:schneider-electric:tsxp57354mc_firmware:-, cpe:/o:schneider-electric:tsxp573634m_firmware:-, cpe:/o:schneider-electric:tsxp573634mc_firmware:-, cpe:/o:schneider-electric:tsxp57454m_firmware:-, cpe:/o:schneider-electric:tsxp57454mc_firmware:-, cpe:/o:schneider-electric:tsxp574634m_firmware:-, cpe:/o:schneider-electric:tsxp574634mc_firmware:-, cpe:/o:schneider-electric:tsxp57554m_firmware:-, cpe:/o:schneider-electric:tsxp57554mc_firmware:-, cpe:/o:schneider-electric:tsxp575634m_firmware:-, cpe:/o:schneider-electric:tsxp575634mc_firmware:-, cpe:/o:schneider-electric:tsxp576634m_firmware:-, cpe:/o:schneider-electric:tsxp576634mc_firmware:-

Required KB Items: Tenable.ot/Schneider

Exploit Ease: No known exploits are available

Patch Publication Date: 4/18/2018

Vulnerability Publication Date: 4/18/2018

Reference Information

CVE: CVE-2018-7762

CWE: 119