PT-2019-2275 · Schneider Electric · Modicon M340 +3

Published: 2019-05-14 · Updated: 2022-02-03 · CVE-2018-7847

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Modicon M580 (affected versions not specified)
Modicon M340 (affected versions not specified)
Modicon Quantum (affected versions not specified)
Modicon Premium (affected versions not specified)

Description

The issue is related to errors in access control. It may allow a remote attacker to cause a denial of service or execute arbitrary code by overwriting the controller's configuration settings using the Modbus protocol.

Recommendations

For Modicon M580, update the configuration to restrict access to the Modbus protocol until a patch is available.
For Modicon M340, consider disabling remote access to the controller until a fix is provided.
For Modicon Quantum, restrict modifications to the controller's configuration settings to minimize the risk of exploitation.
For Modicon Premium, avoid using the Modbus protocol for configuration changes until the issue is resolved.

As a temporary workaround, consider restricting access to the Modbus protocol for all affected controllers until a patch is available.

Exploit

Fix

Weakness Enumeration

Improper Authentication
Improper Access Control

Related Identifiers

BDU:2019-02046
CVE-2018-7847

Affected Products

Modicon M340
Modicon M580
Modicon Premium
Modicon Quantum