PT-2014-1965 · Schneider Electric · Modbus Serial Driver

Alejandro Parodi · Published 2014-03-28 · Updated 2022-02-03 · CVE-2013-0662

CVSS v2.0: 9.3 (High)
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions

Schneider Electric Modbus Serial Driver versions 1.10 through 3.2

Description

The issue is caused by multiple stack-based buffer overflows in ModbusDrv.exe, which allow remote attackers to execute arbitrary code by sending a specially crafted request with a large buffer-size value in a Modbus Application Header.

Recommendations

For versions 1.10 through 3.2, update to a version that fixes the buffer overflow issue in ModbusDrv.exe to prevent remote code execution. As a temporary workaround, consider restricting access to the Modbus Application Header to minimize the risk of exploitation.
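The class of fix the description points to is validating the header's declared size before any copy into a fixed-size buffer. The sketch below is an added example, not code from ModbusDrv.exe or Schneider Electric; it assumes the standard 7-byte Modbus/TCP MBAP header layout, and the names `mbap_parse`, `mbap_frame` and the status codes are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define MBAP_HDR_LEN   7   /* transaction id(2), protocol id(2), length(2), unit id(1) */
#define MODBUS_MAX_PDU 253 /* largest PDU the Modbus specification allows */

enum { MBAP_OK = 0, MBAP_SHORT = -1, MBAP_BAD_PROTO = -2, MBAP_BAD_LEN = -3, MBAP_TRUNCATED = -4 };

struct mbap_frame {
    uint16_t transaction_id;
    uint8_t  unit_id;
    uint8_t  pdu[MODBUS_MAX_PDU]; /* fixed-size destination, as a stack buffer would be */
    size_t   pdu_len;
};

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Parse one frame; `received` is the number of bytes actually read from the peer. */
int mbap_parse(const uint8_t *buf, size_t received, struct mbap_frame *out)
{
    if (received < MBAP_HDR_LEN)
        return MBAP_SHORT;
    if (be16(buf + 2) != 0)              /* protocol id is 0 for Modbus */
        return MBAP_BAD_PROTO;
    /* The length field is attacker-controlled; it counts the unit id plus the PDU. */
    size_t declared = be16(buf + 4);
    if (declared < 2 || declared - 1 > MODBUS_MAX_PDU)
        return MBAP_BAD_LEN;             /* copying would overrun out->pdu */
    if (declared - 1 > received - MBAP_HDR_LEN)
        return MBAP_TRUNCATED;           /* copying would read past the input */
    out->transaction_id = be16(buf);
    out->unit_id = buf[6];
    out->pdu_len = declared - 1;
    memcpy(out->pdu, buf + MBAP_HDR_LEN, out->pdu_len);
    return MBAP_OK;
}

/* Constructed sample frames, not captured traffic. */
const uint8_t valid_frame[] = {0x00,0x01, 0x00,0x00, 0x00,0x06, 0x11, 0x03,0x00,0x6B,0x00,0x03};
const uint8_t oversized_frame[] = {0x00,0x02, 0x00,0x00, 0xFF,0xFF, 0x11, 0x03};

int main(void)
{
    struct mbap_frame f;
    int ok  = mbap_parse(valid_frame, sizeof valid_frame, &f);
    int bad = mbap_parse(oversized_frame, sizeof oversized_frame, &f);
    return (ok == MBAP_OK && bad == MBAP_BAD_LEN) ? 0 : 1;
}
```

Both checks are needed: the first bounds the write into the destination buffer, the second bounds the read from the receive buffer.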

Exploit

Fix

Buffer Overflow

Memory Corruption


Weakness Enumeration

Related Identifiers

BDU:2017-00202
CVE-2013-0662

Affected Products

Modbus Serial Driver