BID:51158

Schneider Electric Quantum Ethernet Module 'modbus_125_handler()' Code Execution Vulnerability

Info

Schneider Electric Quantum Ethernet Module 'modbus_125_handler()' Code Execution Vulnerability

Bugtraq ID:	51158
Class:	Design Error
CVE:	CVE-2011-4861
Remote:	Yes
Local:	No
Published:	Dec 21 2011 12:00AM
Updated:	Dec 21 2011 12:00AM
Credit:	Rubén Santamarta
Vulnerable:	Schneider Electric Quantum Ethernet Module 140NOE77111 5.0 Schneider Electric Quantum Ethernet Module 140NOE77110 3.3 Schneider Electric Quantum Ethernet Module 140NOE77100 3.4

Not Vulnerable:

Discussion

Schneider Electric Quantum Ethernet Module 'modbus_125_handler()' Code Execution Vulnerability

Schneider Electric Quantum Ethernet Module is prone to a remote code-execution vulnerability.

An attacker can exploit this issue to install arbitrary firmware updates on the affected device. Successful exploits will allow attackers to execute arbitrary code, completely compromising the device.

Exploit / POC

Schneider Electric Quantum Ethernet Module 'modbus_125_handler()' Code Execution Vulnerability

Currently, we are not aware of any exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Solution / Fix

Schneider Electric Quantum Ethernet Module 'modbus_125_handler()' Code Execution Vulnerability

Solution:
Updates are available. Please see the references for more information.

References

Schneider Electric Quantum Ethernet Module 'modbus_125_handler()' Code Execution Vulnerability

References:

Schneider Electric Homepage (Schneider Electric)
ICS-ALERT-11-346-01�??SCHNEIDER ELECTRIC QUANTUM ETHERNET MODULE MULTIPLE VULNERA (Rubén Santamarta)
Reversing Industrial firmware for fun and backdoors I (Reversemode)