CVE-2018-7843

HIGH

Modicon M580, M340, Quantum, and Premium Firmware - Denial of Service via Invalid Modbus Memory Block Read

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-7843. PoCs published by yanissec.

AI-analyzed exploit summary This PoC exploits a DoS vulnerability in Schneider Electric Modicon PLCs by sending malformed Modbus packets to trigger a memory read operation, causing the device to crash. The script iterates through memory blocks until the connection is terminated.

Description

A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause denial of service when reading memory blocks with an invalid data size or with an invalid data offset in the controller over Modbus.

Exploits (1)

nomisec WORKING POC

by yanissec · poc

https://github.com/yanissec/CVE-2018-7843

View Code ZIP pw:eip

This PoC exploits a DoS vulnerability in Schneider Electric Modicon PLCs by sending malformed Modbus packets to trigger a memory read operation, causing the device to crash. The script iterates through memory blocks until the connection is terminated.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Schneider Electric Modicon M580, M340, Premium, Quantum (versions < 2.80, 3.10, 3.20, 3.60 respectively)

No auth needed

Prerequisites: Network access to the target PLC · Modbus/TCP port (502) accessible

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Vendor Advisory x_refsource_misc

https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/

Exploit, Third Party Advisory x_refsource_misc

https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0738

Scores

CVSS v3 7.5

EPSS 0.0329

EPSS Percentile 86.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-125

Status published

Products (4)

schneider-electric/modicon_m340_firmware

schneider-electric/modicon_m580_firmware

schneider-electric/modicon_premium_firmware

schneider-electric/modicon_quantum_firmware

Published May 22, 2019

Tracked Since Feb 18, 2026