search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

Automated Solutions Modbus TCP Slave ActiveX Control Vulnerability

Vulnerability Note VU#981849

Original Release Date: 2008-10-31 | Last Revised: 2008-12-19

Overview

Automated Solutions Modbus TCP Slave ActiveX Control contains a vulnerability that may allow a remote attacker to execute arbitrary code or cause a denial-of-service.

Description

Automated Solutions Modbus TCP Slave ActiveX Control fails to properly process malformed "Modbus" requests to TCP port 502 due to an error in "MiniHMI.exe". According to TippingPoint:

When processing malformed Modbus requests on this port a controllable heap corruption can occur which may result in execution of arbitrary code.

Impact

A remote, unauthenticated attacker may be able to execute arbitrary code with the privileges of the user running the MiniHMI.exe or cause a denial-of-service.

Solution

Upgrade

Automated Solutions has addressed this issue with an update. OEMs who suspect they use an affected version of the Automated Solutions Modbus TCP Slave ActiveX Control should contact Automated Solutions for more information. A link to an executable is available via TippingPoint, however, the nature of this executable is not known and clicking on unknown executables is not advisable.

Restrict Access

Permit network access only as required for proper site operation.

Vendor Information

981849
 
Expand all

Automated Solutions Affected

Updated:  October 31, 2008

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

Automated Solutions released http://www.automatedsolutions.com/pub/asmbslv/setup.exe in response to this issue. Excercise caution when downloading and running unverified programs.


CVSS Metrics

Group Score Vector
Base 0 AV:--/AC:--/Au:--/C:--/I:--/A:--
Temporal 0 E:ND/RL:ND/RC:ND
Environmental 0 CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND

References

Acknowledgements

This vulnerability was reported by Ganesh Devarajan of TippingPoint DVLabs.

This document was written by Chris Taschner.

Other Information

CVE IDs: CVE-2007-4827
Severity Metric: 2.84
Date Public: 2007-09-20
Date First Published: 2008-10-31
Date Last Updated: 2008-12-19 19:19 UTC
Document Revision: 16

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis