CVE-2007-4827

critical

Description

Unspecified vulnerability in the Modbus/TCP Diagnostic function in MiniHMI.exe for the Automated Solutions Modbus Slave ActiveX Control before 1.5 allows remote attackers to corrupt the heap and possibly execute arbitrary code via malformed Modbus requests to TCP port 502.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/36677

http://www.securitytracker.com/id?1018707

http://www.securityfocus.com/bid/25713

http://www.securityfocus.com/archive/1/479967/100/0/threaded

http://www.nessus.org/plugins/index.php?view=single&id=26066

http://www.kb.cert.org/vuls/id/981849

http://www.automatedsolutions.com/pub/asmbslv/ReadMe.htm

http://osvdb.org/38259

http://dvlabs.tippingpoint.com/advisory/TPTI-07-15

Details

Source: Mitre, NVD

Published: 2007-09-19

Updated: 2018-10-15

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical