Intrusion Prevention

Schneider.Electric.Serial.Modbus.Driver.Buffer.Overflow

Description

This indicates an attack attempt to exploit a Buffer Overflow vulnerability in Schneider Electric Serial Modbus Driver.
The vulnerability is due to an improper boundary check condition in the application when handling a malformed request. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application, via a crafted request.

Affected Products

TwidoSuite Versions 2.31.04 and earlier
PowerSuite Versions 2.6 and earlier
SoMove Versions 1.7 and earlier
SoMachine Versions 2.0, 3.0, 3.1, and 3.0 XS
Unity Pro Versions 7.0 and earlier
UnityLoader Versions 2.3 and earlier
Concept Versions 2.6 SR7 and earlier
ModbusCommDTM sl Versions 2.1.2 and earlier
PL7 Versions 4.5 SP5 and earlier
SFT2841 Versions 14, 13.1 and earlier
OPC Factory Server Versions 3.50 and earlier
Modbus Serial Driver versions that are affected:
Windows XP 32 bit V1.10 IE v37
Windows Vista 32 bit V2.2 IE12
Windows 7 32 bit V2.2 IE12
Windows 7 64 bit V3.2 IE12

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
http://download.schneider-electric.com/files?p_Doc_Ref=SEVD 2013-070-01

CVE References

CVE-2013-0662