nessus
This script is Copyright (C) 2007-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
SCADA_ASMBSLV_ACTIVEX_HEAP_CORRUPTION.NBIN
History: Sep 19, 2007 - 12:00 a.m.

Automated Solutions Modbus Slave MiniHMI.exe ActiveX Modbus/TCP Diagnostic Function Arbitrary Code Execution

2007-09-19 00:00:00
www.tenable.com

The remote host contains the Automated Solutions Modbus TCP Slave ActiveX control, which allows a PC to emulate a Modbus serial and/or TCP slave device.

The version of this control installed on the remote host reportedly contains a buffer overflow in its handling of the Modbus/TCP Diagnostic function (FC8). Using specially crafted Modbus requests, an unauthenticated remote attacker may be able to leverage this issue to execute arbitrary code remotely, subject to the privileges of the user running the MiniHMI.exe program.

Binary data scada_asmbslv_activex_heap_corruption.nbin