CVE-2022-1068

MEDIUM

Modbustools Modbus Slave < 7.4.3 - Out-of-Bounds Write

Title source: rule

Description

Modbus Tools Modbus Slave (versions 7.4.2 and prior) is vulnerable to a stack-based buffer overflow in the registration field. This may cause the program to crash when a long character string is used.

Exploits (1)

nomisec STUB 3 stars

by webraybtl · poc

https://github.com/webraybtl/CVE-2022-1068

View Code ZIP pw:eip

References (1)

Core 1

Core References

Patch, Third Party Advisory, US Government Resource x_refsource_confirm

https://www.cisa.gov/uscert/ics/advisories/icsa-22-088-04

Scores

CVSS v3 5.5

EPSS 0.0019

EPSS Percentile 40.1%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-121 CWE-787

Status published

Products (1)

modbustools/modbus_slave < 7.4.3

Published Apr 01, 2022

Tracked Since Feb 18, 2026