cvedb.io
CVE-2018-7812
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2018-12-17T22:29:00.297 · Last modified 2026-06-17T02:03:46.827

Summary

An Information Exposure through Discrepancy vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 where the web server sends different responses in a way that exposes security-relevant information about the state of the product, such as whether a particular operation was successful or not.

Affected products

schneider-electric — modicom_m340_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when schneider-electric ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.