Description
Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through 3.2 allow remote attackers to execute arbitrary code via a large buffer-size value in a Modbus Application Header.
CVSS Metrics
- Vector
- AV:N/AC:M/Au:N/C:C/I:C/A:C
- Access Vector
- network
- Access Cmplx
- medium
- Auth
- none
- Confidentiality
- complete
- Integrity
- complete
- Availability
- complete
- Weaknesses
- CWE-787
Metadata
- Primary Vendor
- SCHNEIDER-ELECTRIC
- Published
- 4/1/2014
- Last Modified
- 4/12/2025
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
schneider-electric : conceptschneider-electric : modbus_serial_driverschneider-electric : modbus_serial_driverschneider-electric : modbus_serial_driverschneider-electric : modbuscommdtm_slschneider-electric : opc_factory_serverschneider-electric : opc_factory_serverschneider-electric : opc_factory_serverschneider-electric : pl7schneider-electric : powersuiteschneider-electric : sft2841schneider-electric : sft2841schneider-electric : somachineschneider-electric : somachineschneider-electric : somachineschneider-electric : somoveschneider-electric : twidosuiteschneider-electric : unity_proschneider-electric : unity_proschneider-electric : unityloaderschneider_electric : somachine
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.