Cyber Resilience

CVE-2026-29972

High

Published: 08 May 2026

Modified: 13 May 2026
CVSS Score v3.1: 8.2 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H)
EPSS Score: 0.0064 (46.1th percentile)
Risk Priority: 55 (floored blend · peak EPSS)

Summary

CVE-2026-29972 is a high-severity Stack-based Buffer Overflow (CWE-121) vulnerability. Its CVSS base score is 8.2 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203). The CVE ranks at the 46.1th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.

Vulnerability details

nanoMODBUS through v1.22.0 has a stack-based buffer overflow in recv_read_registers_res() in nanomodbus.c. When a client calls nmbs_read_holding_registers() or nmbs_read_input_registers(), the library writes register data from the server response to the caller-provided buffer based on the response's byte_count field before validating that byte_count matches the requested quantity. A malicious Modbus TCP server can send a response with byte_count=250 (125 registers) regardless of the requested quantity, causing up to 248 bytes of attacker-controlled data to overflow the buffer, potentially allowing remote code execution.
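
The validation order that prevents this class of overflow, shown as an added example (not nanoMODBUS code and not the project's patch): a hypothetical parse_read_registers_res() checks the response's byte_count against the requested quantity before anything is written to the caller's buffer. The function name, error codes and sample bytes are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

enum { PARSE_OK = 0, PARSE_BAD_ARG = -1, PARSE_SHORT = -2,
       PARSE_BAD_FC = -3, PARSE_EXCEPTION = -4, PARSE_BAD_COUNT = -5 };

/* Hypothetical helper, not nanoMODBUS code: parse a Read Holding (0x03) or
 * Read Input (0x04) Registers response PDU (fc, byte_count, data...) into
 * out[quantity], where quantity is what the client requested. */
int parse_read_registers_res(const uint8_t *pdu, size_t pdu_len, uint8_t fc,
                             uint16_t quantity, uint16_t *out)
{
    if (!pdu || !out || (fc != 0x03 && fc != 0x04) ||
        quantity < 1 || quantity > 125)
        return PARSE_BAD_ARG;
    if (pdu_len < 2)
        return PARSE_SHORT;
    if (pdu[0] == (uint8_t)(fc | 0x80))
        return PARSE_EXCEPTION;          /* server reported a Modbus exception */
    if (pdu[0] != fc)
        return PARSE_BAD_FC;

    /* byte_count comes from the peer. Compare it with the request before a
     * single byte is written to the caller's buffer. */
    uint8_t byte_count = pdu[1];
    if (byte_count != quantity * 2)
        return PARSE_BAD_COUNT;
    if (pdu_len - 2 < byte_count)
        return PARSE_SHORT;              /* header claims more than arrived */

    /* Loop bound is the requested quantity, never the wire value. */
    for (uint16_t i = 0; i < quantity; i++)
        out[i] = (uint16_t)((pdu[2 + 2 * i] << 8) | pdu[3 + 2 * i]);
    return PARSE_OK;
}

/* Constructed sample: the client asked for 1 register, the response claims
 * byte_count=250. Returns 0 if the response is rejected and the caller's
 * buffer is left untouched. */
int demo_oversized_response(void)
{
    uint8_t pdu[2 + 250] = { 0x03, 250 };
    uint16_t regs[1] = { 0xBEEF };
    int rc = parse_read_registers_res(pdu, sizeof pdu, 0x03, 1, regs);
    return (rc == PARSE_BAD_COUNT && regs[0] == 0xBEEF) ? 0 : 1;
}
```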

Related Threats

MITRE ATT&CK Enterprise Techniques

T1203 Exploitation for Client Execution (Tactic: Execution)
Adversaries may exploit software vulnerabilities in client applications to execute code.

Why these techniques?

A stack buffer overflow in Modbus client response parsing enables attacker-controlled RCE via a malicious server, which maps directly to the client-side exploitation technique.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-54480 · Shared CWE-121
CVE-2025-69195 · Shared CWE-121
CVE-2026-43661 · Shared CWE-121
CVE-2019-25321 · Shared CWE-121
CVE-2026-33554 · Shared CWE-121
CVE-2024-34579 · Shared CWE-121
CVE-2020-37142 · Shared CWE-121
CVE-2026-1761 · Shared CWE-121
CVE-2020-37181 · Shared CWE-121
CVE-2019-25365 · Shared CWE-121

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.
