Heap-Based Buffer Overflow in libmodbus Affecting Multiple Products
CVE-2023-26793

Currently unrated

Key Information:

Vendor

libmodbus project

Status
LIBModbus
Vendor
CVE Published:
1 May 2024

What is CVE-2023-26793?

The vulnerability in libmodbus v3.1.10 is characterized by a heap-based buffer overflow within the read_io_status function located in src/modbus.c. This issue can potentially allow an attacker to exploit the affected software, leading to unauthorized access or manipulation of data. Comprehensive assessment and remediation strategies are essential for systems utilizing libmodbus, particularly in scenarios involving critical modbus communications.

References

https://github.com/stephane/libmodbus/issues/683

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.