CVE-2018-7855

Name of the Vulnerable Software and Affected Versions Modicon M580 versions prior to a fixed version Modicon M340 versions prior to a fixed version Modicon Quantum versions prior to a fixed version Modicon Premium versions prior to a fixed version

Description The issue is related to an uncaught exception in the programmable logic controller's software, which can be exploited by sending invalid breakpoint parameters to the controller using the Modbus protocol. This could cause a Denial of Service. The estimated number of potentially affected devices is not specified.

Recommendations For Modicon M580 versions prior to the fixed version, update to the latest version to resolve the issue. For Modicon M340 versions prior to the fixed version, update to the latest version to resolve the issue. For Modicon Quantum versions prior to the fixed version, update to the latest version to resolve the issue. For Modicon Premium versions prior to the fixed version, update to the latest version to resolve the issue. As a temporary workaround, consider restricting access to the Modbus protocol to minimize the risk of exploitation.