The MODBUS/TCP protocol contains a vulnerability that could allow an attacker to cause a denial of service (DoS) condition on a targeted system.
The vulnerability exists because of an implementation error in the affected protocol that is due to improper processing of Read Input Registers or Read Holding Registers request and response messages. These messages contain parameters that, if manipulated, could reflect changes in the data field value of the packet.
An unauthenticated, remote attacker could exploit the vulnerability by sending malicious request or response messages to the affected software. The processing of such messages could trigger a DoS condition on the vulnerable implementations in targeted systems.
Administrators are advised to implement an intrusion prevention system (IPS) or intrusion detection system (IDS) to help detect and prevent attacks that attempt to exploit this vulnerability.