CVE-2013-0662
Description
Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through 3.2 allow remote attackers to execute arbitrary code via a large buffer-size value in a Modbus Application Header.
Predictions
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
Exploits
Public proof-of-concept code below. AS-IS, for defenders and authorised testing only.
Exploit-DB
SEIG Modbus 3.4 - Denial of Service (PoC)
SEIG Modbus 3.4 - Remote Code Execution
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| schneider-electric | concept | {"endIncluding":"2.6"} | |
| schneider-electric | modbus_serial_driver | 1.10 | |
| schneider-electric | modbus_serial_driver | 2.2 | |
| schneider-electric | modbus_serial_driver | 3.2 | |
| schneider-electric | modbuscommdtm_sl | {"endIncluding":"2.1.2"} | |
| schneider-electric | opc_factory_server | {"endIncluding":"3.5.0"} | |
| schneider-electric | opc_factory_server | 3.34 | |
| schneider-electric | opc_factory_server | 3.35 | |
| schneider-electric | pl7 | {"endIncluding":"4.5"} | |
| schneider-electric | powersuite | {"endIncluding":"2.6"} | |
| schneider-electric | sft2841 | {"endIncluding":"14.0"} | |
| schneider-electric | sft2841 | 13.1 | |
| schneider-electric | somachine | {"endIncluding":"3.1"} | |
| schneider-electric | somachine | 2.0 | |
| schneider-electric | somachine | 3.0 | |
| schneider-electric | somove | {"endIncluding":"1.7"} | |
| schneider-electric | twidosuite | {"endIncluding":"2.31.04"} | |
| schneider-electric | unity_pro | {"endIncluding":"7.0"} | |
| schneider-electric | unity_pro | 6.0 | |
| schneider-electric | unityloader | {"endIncluding":"2.3"} | |
| schneider_electric | somachine | 3.0 | |
References
- http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202013-070-01
- http://ics-cert.us-cert.gov/advisories/ICSA-14-086-01
- http://www.securityfocus.com/bid/66500
- https://www.exploit-db.com/exploits/45219/
- https://www.exploit-db.com/exploits/45220/
- http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202013-070-01
- http://ics-cert.us-cert.gov/advisories/ICSA-14-086-01
- http://www.securityfocus.com/bid/66500
- https://www.exploit-db.com/exploits/45219/
- https://www.exploit-db.com/exploits/45220/
CWEs
CWE-787
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.