Automated Solutions Modbus Slave MiniHMI.exe ActiveX Modbus/TCP Diagnostic Function Arbitrary Code Execution
High Nessus Plugin ID 26066
SynopsisThe remote Windows host has an ActiveX control that is affected by a buffer overflow vulnerability.
DescriptionThe remote host contains the Automated Solutions Modbus TCP Slave ActiveX control, which allows a PC to emulate a Modbus Serial and / or TCP slave device.
The version of this control installed on the remote host reportedly contains a buffer overflow issue with the Modbus/TCP Diagnostic function (FC8). Using specially-crafted Modbus requests. An unauthenticated remote attacker may be able to leverage this issue to execute arbitrary code remotely subject to the privileges of the user running the MiniHMI.exe program.
SolutionUpgrade to version Automated Solutions Modbus Slave ActiveX Control version 1.5 or later.