PT-2013-5763 · Triangle Research International · Nano-10 Plc

Published

2013-10-29

Updated

2013-10-29

CVE-2013-5741

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Triangle Research International (aka Tri) Nano-10 PLC devices version r81 and earlier

Description The issue is related to the improper handling of large length values in MODBUS data, which can be exploited by remote attackers to cause a denial of service. This is achieved by sending a crafted packet to TCP port 502, resulting in the device transitioning to the interrupt state.

Recommendations For Triangle Research International (aka Tri) Nano-10 PLC devices version r81 and earlier, update the firmware to a version later than r81 to resolve the issue.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2013-5741

Affected Products

Nano-10 Plc

PT-2013-5763 · Triangle Research International · Nano-10 Plc

CVE-2013-5741

Weakness Enumeration

Related Identifiers

Affected Products

References · 4