This script is Copyright (C) 2007-2015 Tenable Network Security, Inc.
The remote Windows host has an ActiveX control that is affected by a
buffer overflow vulnerability.
The remote host contains the Automated Solutions Modbus TCP Slave
ActiveX control, which allows a PC to emulate a Modbus Serial and / or
TCP slave device.
The version of this control installed on the remote host reportedly
contains a buffer overflow issue with the Modbus/TCP Diagnostic
function (FC8). Using specially-crafted Modbus requests. An
unauthenticated remote attacker may be able to leverage this issue to
execute arbitrary code remotely subject to the privileges of the user
running the MiniHMI.exe program.
See also :
Upgrade to version Automated Solutions Modbus Slave ActiveX Control
version 1.5 or later.
Risk factor :
High / CVSS Base Score : 7.6
CVSS Temporal Score : 5.6
Public Exploit Available : false
Nessus Plugin ID: 26066 ()
Bugtraq ID: 25713
CVE ID: CVE-2007-4827
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.