Vulnerability Note VU#768840
Automated Solutions Modbus/TCP Master OPC server Modbus TCP header vulnerability
Automated Solutions OPC Server contains a heap corruption vulnerability in the Modbus/TCP Master OPC server.
Automated Solutions Modbus/TCP Master OPC Server contains a heap corruption vulnerability. The server is vulnerable to an attacker writing an arbitrary number of double words or DWORDs onto the heap.
For additional information see ICSA-10-322-02A.
Successful exploitation would likely not allow arbitrary code execution; however, an exploit could possibly corrupt the OPC server memory and cause a denial of service.
Vendor Information (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Automated Solutions||Affected||-||26 Jan 2011|
CVSS Metrics (Learn More)
Thanks to Jeremy Brown for reporting this vulnerability to ICS-CERT.
This document was written by Michael Orlando.
- CVE IDs: CVE-2010-4709
- Date Public: 22 Nov 2010
- Date First Published: 03 Feb 2011
- Date Last Updated: 03 Feb 2011
- Severity Metric: 1.02
- Document Revision: 22
If you have feedback, comments, or additional information about this vulnerability, please send us email.