CVE-2026-54410

Published: Giu 14, 2026 Last Modified: Giu 14, 2026

ExploitDB:

Other exploit source:

Google Dorks:

HIGH 7,8

Source: 309f9ea4-e3e9-4c6c-b79d-e8eb01244f2c

Attack Vector: network

Attack Complexity: low

Privileges Required: none

User Interaction: none

Confidentiality: N/A

Integrity: N/A

Availability: N/A

HIGH 8,6

Source: 309f9ea4-e3e9-4c6c-b79d-e8eb01244f2c

Attack Vector: network

Attack Complexity: low

Privileges Required: none

User Interaction: none

Scope: unchanged

Confidentiality: low

Integrity: low

Availability: high

HIGH 9,0

Source: 309f9ea4-e3e9-4c6c-b79d-e8eb01244f2c

Access Vector: network

Access Complexity: low

Authentication: none

Confidentiality: partial

Integrity: partial

Availability: complete

Description

AI Translation Available

nanoMODBUS through v1.23.0 contains an off-by-one buffer overflow in the recv_msg_header() function of the Modbus/TCP server that allows remote unauthenticated attackers to write one attacker-controlled byte past the end of the 260-byte receive buffer by sending a crafted MBAP frame whose Length field is set to 255. The overflow corrupts the adjacent buffer-index field of the nanoMODBUS state structure, resulting in denial of service through invalid memory accesses and, on bare-metal and RTOS targets without memory protection, one-byte information disclosure and writes to unintended register addresses on the Write Multiple Registers (FC16) handler path.

193

Off-by-one Error

Draft

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Availability Integrity Confidentiality Access Control

Potential Impacts:

Dos: Crash, Exit, Or Restart Dos: Resource Consumption (Cpu) Dos: Resource Consumption (Memory) Dos: Instability Modify Memory Execute Unauthorized Code Or Commands Bypass Protection Mechanism