{"vuid":"VU#768840","idnumber":"768840","name":"Automated Solutions Modbus/TCP Master OPC server Modbus TCP header vulnerability","keywords":["scada","Automated Solutions","OPC Server"],"overview":"Automated Solutions OPC Server contains a heap corruption vulnerability in the Modbus/TCP Master OPC server.","clean_desc":"Automated Solutions Modbus/TCP Master OPC Server contains a heap corruption vulnerability. The server is vulnerable to an attacker writing an arbitrary number of double words or DWORDs onto the heap. For additional information see ICSA-10-322-02A. Exploit code for this vulnerability is publicly available.","impact":"Successful exploitation would likely not allow arbitrary code execution; however, an exploit could possibly corrupt the OPC server memory and cause a denial of service.","resolution":"Upgrade According to the Modbus/TCP OPC Server readme file, version 3.0.2 addresses this vulnerability.","workarounds":"Restrict Access Enable firewall rules to restrict access to only trusted sources.","sysaffected":"","thanks":"Thanks to Jeremy Brown for reporting this vulnerability to ICS-CERT.","author":"This document was written by Michael Orlando.","public":["http://automatedsolutions.com/pub/asmbtcpopc/readme.htm","http://www.us-cert.gov/control_systems/pdf/ICSA-10-322-02A.pdf"],"cveids":["CVE-2010-4709"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2010-11-22T21:08:08Z","publicdate":"2010-11-22T00:00:00Z","datefirstpublished":"2011-02-03T15:09:56Z","dateupdated":"2011-02-03T15:09:57Z","revision":22,"vrda_d1_directreport":"0","vrda_d1_population":"2","vrda_d1_impact":"2","cam_widelyknown":"20","cam_exploitation":"0","cam_internetinfrastructure":"18","cam_population":"17","cam_impact":"14","cam_easeofexploitation":"3","cam_attackeraccessrequired":"2","cam_scorecurrent":"1.01745","cam_scorecurrentwidelyknown":"1.01745","cam_scorecurrentwidelyknownexploited":"1.55295","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":1.01745,"vulnote":null}