PT-2024-27177 · Libmodbus+3 · Libmodbus+3
Balckgu1O
·
Published
2024-05-31
·
Updated
2025-05-06
·
CVE-2024-36843
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
libmodbus version 3.1.6
Description
A heap overflow issue was discovered via the
modbus mapping free() function. This issue affects libmodbus and can be exploited, but specific details about the number of potentially affected devices or real-world incidents are not provided.Recommendations
For libmodbus version 3.1.6, consider disabling the
modbus mapping free() function as a temporary workaround until a patch is available.Exploit
Fix
Heap Based Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Astra Linux
Debian
Libmodbus