CVE-2013-0662
SEIG Modbus 3.4 - Denial of Service (PoC)
Severity Score
9.3
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
2
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through 3.2 allow remote attackers to execute arbitrary code via a large buffer-size value in a Modbus Application Header.
Múltiples desbordamientos de buffer basado en pila en ModbusDrv.exe en Schneider Electric Modbus Serial Driver 1.10 hasta 3.2 permiten a atacantes remotos ejecutar código arbitrario a través de un valor de tamaño de buffer grande en Modbus Application Header.
SEIG Modbus version 3.4 suffers from a remote code execution vulnerability.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2012-12-19 CVE Reserved
- 2014-03-28 CVE Published
- 2024-03-26 EPSS Updated
- 2024-08-06 CVE Updated
- 2024-08-06 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-787: Out-of-bounds Write
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| http://ics-cert.us-cert.gov/advisories/ICSA-14-086-01 | Mitigation | |
| http://www.securityfocus.com/bid/66500 | Third Party Advisory |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/45219 | 2024-08-06 | |
| https://www.exploit-db.com/exploits/45220 | 2024-08-06 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202013-070-01 | 2022-02-03 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Schneider-electric Search vendor "Schneider-electric" | Concept Search vendor "Schneider-electric" for product "Concept" | <= 2.6 Search vendor "Schneider-electric" for product "Concept" and version " <= 2.6" | sr7 |
Affected
| ||||||
| Schneider-electric Search vendor "Schneider-electric" | Modbus Serial Driver Search vendor "Schneider-electric" for product "Modbus Serial Driver" | 1.10 Search vendor "Schneider-electric" for product "Modbus Serial Driver" and version "1.10" | - |
Affected
| ||||||
| Schneider-electric Search vendor "Schneider-electric" | Modbus Serial Driver Search vendor "Schneider-electric" for product "Modbus Serial Driver" | 2.2 Search vendor "Schneider-electric" for product "Modbus Serial Driver" and version "2.2" | - |
Affected
| ||||||
| Schneider-electric Search vendor "Schneider-electric" | Modbus Serial Driver Search vendor "Schneider-electric" for product "Modbus Serial Driver" | 3.2 Search vendor "Schneider-electric" for product "Modbus Serial Driver" and version "3.2" | - |
Affected
| ||||||
| Schneider-electric Search vendor "Schneider-electric" | Modbuscommdtm Sl Search vendor "Schneider-electric" for product "Modbuscommdtm Sl" | <= 2.1.2 Search vendor "Schneider-electric" for product "Modbuscommdtm Sl" and version " <= 2.1.2" | - |
Affected
| ||||||
| Schneider-electric Search vendor "Schneider-electric" | Opc Factory Server Search vendor "Schneider-electric" for product "Opc Factory Server" | <= 3.5.0 Search vendor "Schneider-electric" for product "Opc Factory Server" and version " <= 3.5.0" | - |
Affected
| ||||||
| Schneider-electric Search vendor "Schneider-electric" | Opc Factory Server Search vendor "Schneider-electric" for product "Opc Factory Server" | 3.34 Search vendor "Schneider-electric" for product "Opc Factory Server" and version "3.34" | - |
Affected
| ||||||
| Schneider-electric Search vendor "Schneider-electric" | Opc Factory Server Search vendor "Schneider-electric" for product "Opc Factory Server" | 3.35 Search vendor "Schneider-electric" for product "Opc Factory Server" and version "3.35" | - |
Affected
| ||||||
| Schneider-electric Search vendor "Schneider-electric" | Pl7 Search vendor "Schneider-electric" for product "Pl7" | <= 4.5 Search vendor "Schneider-electric" for product "Pl7" and version " <= 4.5" | sp7 |
Affected
| ||||||
| Schneider-electric Search vendor "Schneider-electric" | Powersuite Search vendor "Schneider-electric" for product "Powersuite" | <= 2.6 Search vendor "Schneider-electric" for product "Powersuite" and version " <= 2.6" | - |
Affected
| ||||||
| Schneider-electric Search vendor "Schneider-electric" | Sft2841 Search vendor "Schneider-electric" for product "Sft2841" | <= 14.0 Search vendor "Schneider-electric" for product "Sft2841" and version " <= 14.0" | - |
Affected
| ||||||
| Schneider-electric Search vendor "Schneider-electric" | Sft2841 Search vendor "Schneider-electric" for product "Sft2841" | 13.1 Search vendor "Schneider-electric" for product "Sft2841" and version "13.1" | - |
Affected
| ||||||
| Schneider-electric Search vendor "Schneider-electric" | Somachine Search vendor "Schneider-electric" for product "Somachine" | <= 3.1 Search vendor "Schneider-electric" for product "Somachine" and version " <= 3.1" | - |
Affected
| ||||||
| Schneider-electric Search vendor "Schneider-electric" | Somachine Search vendor "Schneider-electric" for product "Somachine" | 2.0 Search vendor "Schneider-electric" for product "Somachine" and version "2.0" | - |
Affected
| ||||||
| Schneider-electric Search vendor "Schneider-electric" | Somachine Search vendor "Schneider-electric" for product "Somachine" | 3.0 Search vendor "Schneider-electric" for product "Somachine" and version "3.0" | - |
Affected
| ||||||
| Schneider-electric Search vendor "Schneider-electric" | Somove Search vendor "Schneider-electric" for product "Somove" | <= 1.7 Search vendor "Schneider-electric" for product "Somove" and version " <= 1.7" | - |
Affected
| ||||||
| Schneider-electric Search vendor "Schneider-electric" | Twidosuite Search vendor "Schneider-electric" for product "Twidosuite" | <= 2.31.04 Search vendor "Schneider-electric" for product "Twidosuite" and version " <= 2.31.04" | - |
Affected
| ||||||
| Schneider-electric Search vendor "Schneider-electric" | Unity Pro Search vendor "Schneider-electric" for product "Unity Pro" | <= 7.0 Search vendor "Schneider-electric" for product "Unity Pro" and version " <= 7.0" | - |
Affected
| ||||||
| Schneider-electric Search vendor "Schneider-electric" | Unity Pro Search vendor "Schneider-electric" for product "Unity Pro" | 6.0 Search vendor "Schneider-electric" for product "Unity Pro" and version "6.0" | - |
Affected
| ||||||
| Schneider-electric Search vendor "Schneider-electric" | Unityloader Search vendor "Schneider-electric" for product "Unityloader" | <= 2.3 Search vendor "Schneider-electric" for product "Unityloader" and version " <= 2.3" | - |
Affected
| ||||||
| Schneider Electric Search vendor "Schneider Electric" | Somachine Search vendor "Schneider Electric" for product "Somachine" | 3.0 Search vendor "Schneider Electric" for product "Somachine" and version "3.0" | xs |
Affected
| ||||||