Name of the Vulnerable Software and Affected Versions EKRA terminal microprogram software (affected versions not specified)

Description The issue exists due to the lack of authentication for any Modbus protocol commands. This could allow a remote attacker to execute arbitrary Modbus protocol commands and modify the controller configuration, including modifying the control program and executing arbitrary code.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.