CVE-2018-7849

HIGH

Modicon M580, M340, Quantum and Premium Firmware - Denial of Service via Modbus File Transfer

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-7849. PoCs published by yanissec.

AI-analyzed exploit summary This PoC exploits CVE-2018-7849, a vulnerability in Schneider Electric Modicon PLCs, by sending crafted packets to download an APX file to the target device. The exploit follows a specific sequence to reserve, stop, and initialize the download process on the PLC.

Description

A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum and Modicon Premium which could cause a possible Denial of Service due to improper data integrity check when sending files the controller over Modbus.

Exploits (1)

nomisec WORKING POC 1 stars
by yanissec · poc
https://github.com/yanissec/CVE-2018-7849

This PoC exploits CVE-2018-7849, a vulnerability in Schneider Electric Modicon PLCs, by sending crafted packets to download an APX file to the target device. The exploit follows a specific sequence to reserve, stop, and initialize the download process on the PLC.

Classification
Working Poc 95%
Attack Type
Other
Complexity
Moderate
Reliability
Reliable
Target: Schneider Electric Modicon M580, M340, Premium, Quantum
No auth needed
Prerequisites: Network access to the target PLC · APX file to be downloaded
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Exploit, Third Party Advisory x_refsource_misc
https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0737

Scores

CVSS v3 7.5
EPSS 0.0329
EPSS Percentile 86.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-755
Status published
Products (4)
schneider-electric/modicon_m340_firmware
schneider-electric/modicon_m580_firmware
schneider-electric/modicon_premium_firmware
schneider-electric/modicon_quantum_firmware
Published May 22, 2019
Tracked Since Feb 18, 2026