CVE-2013-5741 Information

Description

Triangle Research International (aka Tri) Nano-10 PLC devices with firmware r81 and earlier do not properly handle large length values in MODBUS data which allows remote attackers to cause a denial of service (transition to the interrupt state) via a crafted packet to TCP port 502.

Reference

http://blogs.ixiacom.com/ixia-blog/hack-scada-zero-day-vulnerability-discovery-on-the-nano-10-plc/ http://osvdb.org/ref/97/tri-nano10.txt http://www.osvdb.org/97728