CVE-2013-0662

Currently unrated

Key Information:

Vendor: Schneider Electric
Status: Somachine; Concept; Modbus Serial Driver; Sft2841
Vendor: CVE Published:; 1 April 2014

Summary

Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through 3.2 allow remote attackers to execute arbitrary code via a large buffer-size value in a Modbus Application Header.

References

http://download.schneider-electric.com/files?p_Doc_Ref=SE...

x_refsource_CONFIRM

https://www.exploit-db.com/exploits/45219/

exploitx_refsource_EXPLOIT-DB

http://ics-cert.us-cert.gov/advisories/ICSA-14-086-01

x_refsource_MISC

EPSS Score

64% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 1, 2014
Vulnerability Reserved
Dec 19, 2012