Information Exposure through Discrepancy in Modicon M340, Premium, Quantum PLCs and BMXNOR0200 Web Servers

Information Exposure through Discrepancy in Modicon M340, Premium, Quantum PLCs and BMXNOR0200 Web Servers

CVE-2018-7812 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

An Information Exposure through Discrepancy vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 where the web server sends different responses in a way that exposes security-relevant information about the state of the product, such as whether a particular operation was successful or not.

Learn more about our Web App Pen Testing.