CVE-2018-7842

CRITICAL

Modicon M580, M340, Quantum, and Premium Firmware - Authentication Bypass via Modbus Parameter Brute Force

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-7842. PoCs published by yanissec.

AI-analyzed exploit summary This PoC exploits CVE-2018-7842, a vulnerability in Schneider Electric Modicon PLCs, by brute-forcing a session key to send unauthorized start/stop commands. It demonstrates a denial-of-service (DoS) condition by manipulating PLC operations without authentication.

Description

A CWE-290: Authentication Bypass by Spoofing vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause an elevation of privilege by conducting a brute force attack on Modbus parameters sent to the controller.

Exploits (1)

nomisec WORKING POC

by yanissec · poc

https://github.com/yanissec/CVE-2018-7842

View Code ZIP pw:eip

This PoC exploits CVE-2018-7842, a vulnerability in Schneider Electric Modicon PLCs, by brute-forcing a session key to send unauthorized start/stop commands. It demonstrates a denial-of-service (DoS) condition by manipulating PLC operations without authentication.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Schneider Electric Modicon M580 (<2.90), M340 (<3.10), Premium, Quantum

No auth needed

Prerequisites: Network access to the target PLC · Modbus/TCP port (502) accessible

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Vendor Advisory x_refsource_misc

https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/

Exploit, Third Party Advisory x_refsource_misc

https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0741

Scores

CVSS v3 9.8

EPSS 0.3504

EPSS Percentile 98.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-290

Status published

Products (4)

schneider-electric/modicon_m340_firmware

schneider-electric/modicon_m580_firmware

schneider-electric/modicon_premium_firmware

schneider-electric/modicon_quantum_firmware

Published May 22, 2019

Tracked Since Feb 18, 2026