CVE-2018-7823

MEDIUM

SoMachine Basic and Modicon M221 < 1.10.0.0 - Remote Code Execution via Crafted Ethernet Message

Title source: llm

Description

A Environment (CWE-2) vulnerability exists in SoMachine Basic, all versions, and Modicon M221(all references, all versions prior to firmware V1.10.0.0) which could cause remote launch of SoMachine Basic when sending crafted ethernet message.

References (1)

Core 1

Core References

Vendor Advisory x_refsource_misc

https://www.schneider-electric.com/en/download/document/SEVD-2019-045-01/

Scores

CVSS v3 5.3

EPSS 0.0038

EPSS Percentile 59.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Details

Status published

Products (2)

schneider-electric/modicon_m221_firmware < 1.10.0.0

schneider-electric/somachine_basic

Published May 22, 2019

Tracked Since Feb 18, 2026