CVE-2013-0662

Name: CVE-2013-0662
Creator: NVD / NIST
Published: 2014-04-01T06:17:08.24+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 22.12%

Last modified Jun 16, 2026

CVE-2013-0662 is a vulnerability of currently unknown severity. Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through 3.2 allow remote attackers to execute arbitrary code via a large buffer-size value in a Modbus Application Header.. EPSS estimates a 22.12% chance of exploitation in the next 30 days.

Description

Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through 3.2 allow remote attackers to execute arbitrary code via a large buffer-size value in a Modbus Application Header.

Metrics

EPSS Probability

22.12%

97.4th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-787

Affected Software

Vendor	Product	Versions	Update
Schneider-Electric	Concept	<= 2.6	Sr7
Schneider-Electric	Modbus Serial Driver	1.10	—
Schneider-Electric	Modbus Serial Driver	2.2	—
Schneider-Electric	Modbus Serial Driver	3.2	—
Schneider-Electric	Modbuscommdtm Sl	<= 2.1.2	—
Schneider-Electric	Opc Factory Server	<= 3.5.0	—
Schneider-Electric	Opc Factory Server	3.34	—
Schneider-Electric	Opc Factory Server	3.35	—
Schneider-Electric	Pl7	<= 4.5	Sp7
Schneider-Electric	Powersuite	<= 2.6	—
Schneider-Electric	Sft2841	<= 14.0	—
Schneider-Electric	Sft2841	13.1	—
Schneider-Electric	Somachine	<= 3.1	—
Schneider-Electric	Somachine	2.0	—
Schneider-Electric	Somachine	3.0	—
Schneider-Electric	Somove	<= 1.7	—
Schneider-Electric	Twidosuite	<= 2.31.04	—
Schneider-Electric	Unity Pro	<= 7.0	—
Schneider-Electric	Unity Pro	6.0	—
Schneider-Electric	Unityloader	<= 2.3	—
Schneider Electric	Somachine	3.0	—

References

http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202013-070-01Vendor Advisory
http://ics-cert.us-cert.gov/advisories/ICSA-14-086-01Mitigation, Third Party Advisory, US Government Resource
http://www.securityfocus.com/bid/66500Third Party Advisory, VDB Entry
https://www.exploit-db.com/exploits/45219/Exploit, Third Party Advisory, VDB Entry
https://www.exploit-db.com/exploits/45220/Exploit, Third Party Advisory, VDB Entry
http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202013-070-01Vendor Advisory
http://ics-cert.us-cert.gov/advisories/ICSA-14-086-01Mitigation, Third Party Advisory, US Government Resource
http://www.securityfocus.com/bid/66500Third Party Advisory, VDB Entry
https://www.exploit-db.com/exploits/45219/Exploit, Third Party Advisory, VDB Entry
https://www.exploit-db.com/exploits/45220/Exploit, Third Party Advisory, VDB Entry

Timeline

Published: Apr 1, 2014
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2013-0662?

How severe is CVE-2013-0662?

Severity scoring for CVE-2013-0662 is pending analysis. The EPSS model estimates a 22.12% probability of exploitation in the next 30 days.

How do I fix CVE-2013-0662?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2013-0662?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST