Описание
Heap-based buffer overflow in Automated Solutions Modbus/TCP Master OPC Server before 3.0.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a MODBUS response packet with a crafted length field.
Ссылки
- Vendor Advisory
- Exploit
- US Government Resource
- Exploit
- Vendor Advisory
- Vendor Advisory
- Exploit
- US Government Resource
- Exploit
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.0.1 (включая)
Одно из
cpe:2.3:a:automatedsolutions:modbus\/tcp_master_opc_server:*:*:*:*:*:*:*:*
cpe:2.3:a:automatedsolutions:modbus\/tcp_master_opc_server:2.0:*:*:*:*:*:*:*
cpe:2.3:a:automatedsolutions:modbus\/tcp_master_opc_server:2.0_build_1:*:*:*:*:*:*:*
cpe:2.3:a:automatedsolutions:modbus\/tcp_master_opc_server:2.0a:*:*:*:*:*:*:*
cpe:2.3:a:automatedsolutions:modbus\/tcp_master_opc_server:2.1:*:*:*:*:*:*:*
cpe:2.3:a:automatedsolutions:modbus\/tcp_master_opc_server:2.2:*:*:*:*:*:*:*
cpe:2.3:a:automatedsolutions:modbus\/tcp_master_opc_server:2.2a:*:*:*:*:*:*:*
cpe:2.3:a:automatedsolutions:modbus\/tcp_master_opc_server:2.3:*:*:*:*:*:*:*
cpe:2.3:a:automatedsolutions:modbus\/tcp_master_opc_server:2.3a:*:*:*:*:*:*:*
cpe:2.3:a:automatedsolutions:modbus\/tcp_master_opc_server:2.4:*:*:*:*:*:*:*
cpe:2.3:a:automatedsolutions:modbus\/tcp_master_opc_server:2.4a:*:*:*:*:*:*:*
cpe:2.3:a:automatedsolutions:modbus\/tcp_master_opc_server:2.5:*:*:*:*:*:*:*
cpe:2.3:a:automatedsolutions:modbus\/tcp_master_opc_server:2.6:*:*:*:*:*:*:*
cpe:2.3:a:automatedsolutions:modbus\/tcp_master_opc_server:2.6a:*:*:*:*:*:*:*
cpe:2.3:a:automatedsolutions:modbus\/tcp_master_opc_server:2.6b:*:*:*:*:*:*:*
cpe:2.3:a:automatedsolutions:modbus\/tcp_master_opc_server:2.7:*:*:*:*:*:*:*
cpe:2.3:a:automatedsolutions:modbus\/tcp_master_opc_server:2.7a:*:*:*:*:*:*:*
cpe:2.3:a:automatedsolutions:modbus\/tcp_master_opc_server:2.7b:*:*:*:*:*:*:*
cpe:2.3:a:automatedsolutions:modbus\/tcp_master_opc_server:2.7c:*:*:*:*:*:*:*
cpe:2.3:a:automatedsolutions:modbus\/tcp_master_opc_server:2.7d:*:*:*:*:*:*:*
cpe:2.3:a:automatedsolutions:modbus\/tcp_master_opc_server:2.7e:*:*:*:*:*:*:*
cpe:2.3:a:automatedsolutions:modbus\/tcp_master_opc_server:2.7f:*:*:*:*:*:*:*
cpe:2.3:a:automatedsolutions:modbus\/tcp_master_opc_server:2.8:*:*:*:*:*:*:*
cpe:2.3:a:automatedsolutions:modbus\/tcp_master_opc_server:2.9:*:*:*:*:*:*:*
cpe:2.3:a:automatedsolutions:modbus\/tcp_master_opc_server:2.9.1:*:*:*:*:*:*:*
cpe:2.3:a:automatedsolutions:modbus\/tcp_master_opc_server:2.9.4:*:*:*:*:*:*:*
cpe:2.3:a:automatedsolutions:modbus\/tcp_master_opc_server:2.9.5:*:*:*:*:*:*:*
cpe:2.3:a:automatedsolutions:modbus\/tcp_master_opc_server:2.9_build_2.9.3:*:*:*:*:*:*:*
cpe:2.3:a:automatedsolutions:modbus\/tcp_master_opc_server:2.10:*:*:*:*:*:*:*
cpe:2.3:a:automatedsolutions:modbus\/tcp_master_opc_server:2.11:*:*:*:*:*:*:*
cpe:2.3:a:automatedsolutions:modbus\/tcp_master_opc_server:2.12:*:*:*:*:*:*:*
cpe:2.3:a:automatedsolutions:modbus\/tcp_master_opc_server:2.12.1:*:*:*:*:*:*:*
cpe:2.3:a:automatedsolutions:modbus\/tcp_master_opc_server:2.12.3:*:*:*:*:*:*:*
cpe:2.3:a:automatedsolutions:modbus\/tcp_master_opc_server:3.0.0:*:*:*:*:*:*:*
EPSS
Процентиль: 98%
0.59367
Средний
7.6 High
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
больше 3 лет назад
Heap-based buffer overflow in Automated Solutions Modbus/TCP Master OPC Server before 3.0.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a MODBUS response packet with a crafted length field.
EPSS
Процентиль: 98%
0.59367
Средний
7.6 High
CVSS2
Дефекты
CWE-119