CERT home
vulnerabilities & fixesevaluations & practicesresearch & analysistraining & education
homesearchFAQsite indexcontact
Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information
 

 View Notes By
Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric

Vulnerability Note VU#981849

Automated Solutions Modbus TCP Slave ActiveX Control Vulnerability

Overview

Automated Solutions Modbus TCP Slave ActiveX Control contains a vulnerability that may allow a remote attacker to execute arbitrary code or cause a denial-of-service.

I. Description

Automated Solutions Modbus TCP Slave ActiveX Control fails to properly process malformed "Modbus" requests to TCP port 502 due to an error in "MiniHMI.exe". According to TippingPoint:

    When processing malformed Modbus requests on this port a controllable heap corruption can occur which may result in execution of arbitrary code.

II. Impact

A remote, unauthenticated attacker may be able to execute arbitrary code with the privileges of the user running the MiniHMI.exe or cause a denial-of-service.

III. Solution

Upgrade

Automated Solutions has addressed this issue with an update. OEMs who suspect they use an affected version of the Automated Solutions Modbus TCP Slave ActiveX Control should contact Automated Solutions for more information. A link to an executable is available via TippingPoint, however, the nature of this executable is not known and clicking on unknown executables is not advisable.

Restrict Access

Permit network access only as required for proper site operation.

Systems Affected

VendorStatusDate Updated
Automated SolutionsVulnerable2008-10-31

References


http://www.zerodayinitiative.com/advisories/TPTI-07-15.html
http://www.securiteam.com/windowsntfocus/5LP0L00MKM.html
http://www.securityfocus.com/archive/1/archive/1/479967/100/0/threaded
http://www.nessus.org/plugins/index.php?view=single&id=26066
http://www.automatedsolutions.com/pub/asmbslv/ReadMe.htm
http://www.securityfocus.com/bid/25713
http://www.securitytracker.com/id?1018707
http://xforce.iss.net/xforce/xfdb/36677

Credit

This vulnerability was reported by Ganesh Devarajan of TippingPoint DVLabs.

This document was written by Chris Taschner.

Other Information

Date Public09/20/2007
Date First Published12/17/2008 11:35:17 AM
Date Last Updated12/19/2008
CERT Advisory 
CVE NameCVE-2007-4827
Metric2.84
Document Revision15

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

Copyright 2008 Carnegie Mellon University