CVE-2018-7852

HIGH

Modicon M580 M340 Quantum Premium Firmware - Denial of Service via Invalid Modbus Private Command Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-7852. PoCs published by yanissec.

AI-analyzed exploit summary This PoC exploits a denial-of-service vulnerability in Schneider Electric Modicon PLCs by sending a malformed packet to the target device, causing it to crash. The exploit is straightforward and does not require authentication.

Description

A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause denial of service when an invalid private command parameter is sent to the controller over Modbus.

Exploits (1)

nomisec WORKING POC

by yanissec · poc

https://github.com/yanissec/CVE-2018-7852

View Code ZIP pw:eip

This PoC exploits a denial-of-service vulnerability in Schneider Electric Modicon PLCs by sending a malformed packet to the target device, causing it to crash. The exploit is straightforward and does not require authentication.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Schneider Electric Modicon M580, M340, Premium, Quantum (versions < 2.80, < 3.01, < 3.20, < 3.60 respectively)

No auth needed

Prerequisites: Network access to the target device · Modbus/TCP port (502) accessible

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Vendor Advisory x_refsource_misc

https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/

Exploit, Third Party Advisory x_refsource_misc

https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0763

Scores

CVSS v3 7.5

EPSS 0.0361

EPSS Percentile 88.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-248 CWE-755

Status published

Products (5)

None/Modicon M580 Modicon M340 Modicon Quantum Modicon Premium Modicon M580 Modicon M340 Modicon Quantum Modicon Premium

schneider-electric/modicon_m340_firmware

schneider-electric/modicon_m580_firmware

schneider-electric/modicon_premium_firmware

schneider-electric/modicon_quantum_firmware

Published May 22, 2019

Tracked Since Feb 18, 2026