About CVE-2024-36843: libmodbus v3.1.6 design weakness (3 June 2024)

Preface: Modbus is a communication protocol widely used in the field of industrial automation. It provides a standardized method for devices to communicate with each other over the network, making it an important tool for connecting and controlling various industrial equipment.

Background: libmodbus provides the following features:

  • Supports Modbus-RTU and Modbus-TCP
  • Supports common function codes, such as 01/02/03/04/05/06/07/0F/10/11/16/17
  • Supports coil reading and writing, register reading and writing, discrete input reading, etc.
  • Supports broadcast address 0 and slave addresses 1-247
  • Supports floating point and integer data conversion, in big-endian, little-endian and other modes
  • Parameters, such as the maximum number of coils and the maximum number of registers that can be read or written, follow the official standard document Modbus_Application_Protocol_V1_1b.pdf
  • The source code is written in C, with only 11 files, which makes it convenient to port to various platforms.

Vulnerability details: libmodbus v3.1.6 was discovered to contain a heap overflow via the modbus_mapping_free() function.

Official announcement: For details, please refer to https://www.tenable.com/cve/CVE-2024-36843
