The MODBUS/TCP protocol contains a vulnerability that could allow an attacker to cause a denial of service condition on a targeted system.
The vulnerability exists because the affected protocol fails to handle various request and response parameters in messages such as Read Coils Request, Read Coil Response, Write Single Coil Request, or Write Multiple Coils Request. An unauthenticated, remote attacker could exploit this vulnerability by issuing illegal requests via any of the vulnerable messages to the vulnerable implementation. The processing of such messages could trigger a DoS condition on the targeted system or allow the attacker to gain knowledge about other flaws in the MODBUS/TCP implementation.
Administrators are advised to implement an intrusion prevention system (IPS) or intrusion detection system (IDS) to help detect and prevent attacks that attempt to exploit this vulnerability.