CVE-2024-10918
Published: 27 February 2025
Summary
CVE-2024-10918 is a medium-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Libmodbus Libmodbus. Its CVSS base score is 4.8 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation of Remote Services (T1210); ranked at the 25.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Deeper analysis
CVE-2024-10918, published on 2025-02-27, is a stack-based buffer overflow vulnerability in libmodbus version 3.1.10. The flaw allows the buffer allocated for a Modbus response to be overflowed when the function attempts to reply to a Modbus request with an unexpected length. It is classified under CWE-121 (Stack-based Buffer Overflow) and CWE-787 (Out-of-bounds Write).
The vulnerability carries a CVSS v3.1 base score of 4.8 (Medium), with the vector AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L. Unauthenticated attackers accessible over the network can potentially exploit it, though exploitation requires high attack complexity and no user interaction. Successful attacks could lead to limited impacts on integrity and availability, such as partial denial of service or minor data tampering, with no confidentiality loss.
Advisories providing details on mitigations and patches are available from Nozomi Networks at https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-10918 and the Debian LTS announcement at https://lists.debian.org/debian-lts-announce/2025/03/msg00010.html. Security practitioners should consult these sources for system-specific remediation guidance.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-53894
Vulnerability details
Stack-based Buffer Overflow vulnerability in libmodbus v3.1.10 allows to overflow the buffer allocated for the Modbus response if the function tries to reply to a Modbus request with an unexpected length.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Stack buffer overflow in libmodbus enables remote exploitation of Modbus services (remote protocol handling) for DoS or limited tampering via crafted requests.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly mitigates the stack-based buffer overflow in libmodbus by requiring timely application of patches or updates to remediate the specific flaw in version 3.1.10.
Implements memory protection mechanisms such as stack canaries, ASLR, or non-executable stacks to prevent exploitation of the stack-based buffer overflow vulnerability.
Requires validation of Modbus request lengths to prevent processing unexpected inputs that trigger the response buffer overflow in libmodbus.