PT-2013-5763 · Triangle Research International · Nano-10 Plc
Publicado
2013-10-29
·
Atualizado
2013-10-29
·
CVE-2013-5741
CVSS v2.0
7.8
Alta
| Vetor | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Triangle Research International (aka Tri) Nano-10 PLC devices version r81 and earlier
Description
The issue is related to the improper handling of large length values in MODBUS data, which can be exploited by remote attackers to cause a denial of service. This is achieved by sending a crafted packet to TCP port 502, resulting in the device transitioning to the interrupt state.
Recommendations
For Triangle Research International (aka Tri) Nano-10 PLC devices version r81 and earlier, update the firmware to a version later than r81 to resolve the issue.
Correção
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Nano-10 Plc