The MODBUS/TCP protocol contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system.
The vulnerability is due to an implementation error in the processing of certain parameters received via Read FIFO Queue Response messages. These messages allow a smaller logical value to be represented in its data field. An unauthenticated, remote attacker could exploit this vulnerability by sending malicious messages that consist of malicious values in the data field. The processing of the messages could terminate the affected application unexpectedly, resulting in a DoS condition.
Administrators are advised to implement an intrusion prevention system (IPS) or intrusion detection system (IDS) to help detect and prevent attacks that attempt to exploit this vulnerability. Administrators may consider using IP-based access control lists (ACLs) to allow only trusted systems to access the affected systems.