Modbus/TCP Master OPC Server MODBUS Protocol Response Packet Remote Overflow
High Nessus Plugin ID 53573
SynopsisThe remote Windows host contains a SCADA application with a buffer overflow vulnerability.
DescriptionThe version of the Modbus/TCP Master OPC Server from Automated Solutions installed on the remote host is earlier than 3.0.2 and, as such, reportedly has a buffer overflow vulnerability.
If the server can be made to initiate communications with a malicious channel under an attacker's control, this issue can be leveraged to overwrite data in a heap buffer resulting in an application crash and possibly execution of arbitrary code.
SolutionUpgrade to Automated Solutions' Modbus/TCP OPC Server 3.0.2 or later.