CVE-2022-1068: 
Modbus Slave vulnerability analysis and mitigation

Modbus Tools Modbus Slave versions 7.4.2 and prior contains a stack-based buffer overflow vulnerability in the registration field (CVE-2022-1068). The vulnerability was discovered by Yehia Elghaly and disclosed on March 29, 2022. The affected product is a PLC programming simulation tool deployed worldwide, with the company headquarters located in Denmark (CISA Advisory).

The vulnerability is classified as a stack-based buffer overflow (CWE-121) that occurs in the registration field of the application. When a long character string is input into the registration field, it may trigger the buffer overflow condition. The vulnerability has been assigned a CVSS v3 base score of 5.5 with the vector string AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H, indicating local attack vector, low attack complexity, no privileges required, and user interaction required (CISA Advisory).

Successful exploitation of this vulnerability could result in the application crashing when inputting a registration key. The impact is primarily focused on availability, with no direct impact on confidentiality or integrity of the system (CISA Advisory).

Modbus Tools has addressed the vulnerability by releasing version 7.4.3. Users are recommended to update to version 7.4.3 or later to mitigate this vulnerability. Organizations should perform proper impact analysis and risk assessment prior to implementing any defensive measures (CISA Advisory).