Intrusion PreventionSchneider.Electric.Serial.Modbus.Driver.Buffer.Overflow
Description
This indicates an attack attempt to exploit a Buffer Overflow vulnerability in Schneider Electric Serial Modbus Driver.
The vulnerability is due to an improper boundary check condition in the application when handling a malformed request. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application, via a crafted request.
Affected Products
TwidoSuite Versions 2.31.04 and earlier
PowerSuite Versions 2.6 and earlier
SoMove Versions 1.7 and earlier
SoMachine Versions 2.0, 3.0, 3.1, and 3.0 XS
Unity Pro Versions 7.0 and earlier
UnityLoader Versions 2.3 and earlier
Concept Versions 2.6 SR7 and earlier
ModbusCommDTM sl Versions 2.1.2 and earlier
PL7 Versions 4.5 SP5 and earlier
SFT2841 Versions 14, 13.1 and earlier
OPC Factory Server Versions 3.50 and earlier
Modbus Serial Driver versions that are affected:
Windows XP 32 bit V1.10 IE v37
Windows Vista 32 bit V2.2 IE12
Windows 7 32 bit V2.2 IE12
Windows 7 64 bit V3.2 IE12
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
http://download.schneider-electric.com/files?p_Doc_Ref=SEVD 2013-070-01
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2018-10-26 | 13.480 | Sig Added |
| ID | 39688 |
| Created | Dec 18, 2014 |
| Updated | Mar 26, 2022 |
| Risk |
|
| CVE ID | CVE-2013-0662 |
| Exploit Prediction Score | 11.5% |
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | SCADA |