CVE-2020-7537

Name of the Vulnerable Software and Affected Versions Modicon M580 (affected versions not specified) Modicon M340 (affected versions not specified) Legacy Controllers Modicon Quantum (affected versions not specified) Modicon Premium (affected versions not specified)

Description A vulnerability exists that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller. This issue is related to an improper check for unusual or exceptional conditions. The vulnerability can be exploited by a remote attacker to cause a denial of service.

Recommendations For Modicon M580, check the security notifications for the affected versions and follow the provided guidance to resolve the issue. For Modicon M340, check the security notifications for the affected versions and follow the provided guidance to resolve the issue. For Legacy Controllers Modicon Quantum, check the security notifications for the affected versions and follow the provided guidance to resolve the issue. For Modicon Premium, check the security notifications for the affected versions and follow the provided guidance to resolve the issue. As a temporary workaround, consider restricting access to the Modbus protocol to minimize the risk of exploitation.