|
Port 502 Details
known port assignments and vulnerabilities
threat/application/port search:
| Port(s) |
Protocol |
Service |
Details |
Source |
| 502 |
tcp |
asa-appl-proto |
Phoenix Contact FL IL 24 BK-PAC allows remote attackers to cause a denial of service (hang) via unspecified manipulations as demonstrated by a Nessus scan or (2) malformed input to TCP port 502.
References: [CVE-2008-7199]
The modbus_125_handler function in the Schneider Electric Quantum Ethernet Module on the NOE 771 device (aka the Quantum 140NOE771* module) allows remote attackers to install arbitrary firmware updates via a MODBUS 125 function code to TCP port 502.
References: [CVE-2011-4861]
Unspecified vulnerability in the Modbus/TCP Diagnostic function in MiniHMI.exe for the Automated Solutions Modbus Slave ActiveX Control before 1.5 allows remote attackers to corrupt the heap and possibly execute arbitrary code via malformed Modbus requests to TCP port 502.
References: [CVE-2007-4827] [BID-25713] [OSVDB-38259]
Triangle Research International (aka Tri) Nano-10 PLC devices with firmware before r81 use an incorrect algorithm for bounds checking of data in Modbus/TCP packets, which allows remote attackers to cause a denial of service (networking outage) via a crafted packet to TCP port 502.
References: [CVE-2013-2784]
Triangle Research International (aka Tri) Nano-10 PLC devices with firmware r81 and earlier do not properly handle large length values in MODBUS data, which allows remote attackers to cause a denial of service (transition to the interrupt state) via a crafted packet to TCP port 502.
References: [CVE-2013-5741], [OSVDB-97728], [SECUNIA-55782]
Schneider Electric Modicon TM221CE16R 1.3.3.3 devices allow remote attackers to discover the application-protection password via a \x00\x01\x00\x00\x00\x05\x01\x5a\x00\x03\x00 request to the Modbus port (502/tcp). Subsequently the application may be arbitrarily downloaded, modified, and uploaded.
References: [CVE-2017-7575], [BID-97523]
The Auto-Maskin products utilize an undocumented custom protocol to set up Modbus communications with other devices without validating those devices. The originating device sends a message in plaintext, 48:65:6c:6c:6f:20:57:6f:72:6c:64, "Hello World" over UDP ports 44444-44446 to the broadcast address for the LAN. Without verification devices respond to any of these broadcast messages on the LAN with a plaintext reply over UDP containing the device model and firmware version. Following this exchange the devices allow Modbus transmissions between the two devices on the standard Modbus port 502 TCP. Impact: An attacker can exploit this vulnerability to send arbitrary messages to any DCU or RP device through spoofing or replay attacks as long as they have access to the network. Affected releases are Auto-Maskin DCU-210E RP-210E: Versions prior to 3.7 on ARMv7.
References: [CVE-2018-5400]
An issue was discovered on TENGCONTROL T-920 PLC v5.5 devices. It allows remote attackers to cause a denial of service (persistent failure mode) by sending a series of \x19\xb2\x00\x00\x00\x06\x43\x01\x00\xac\xff\x00 (aka UID 0x43) requests to TCP port 502.
References: [CVE-2019-9590], [XFDB-158222]
Carel pCOWeb HVAC could allow a remote attacker to bypass security restrictions, caused by no authentication mechanism required for Modbus interface on TCP port 502. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass access restrictions.
References: [XFDB-170822]
IANA registered for: Modbus Application Protocol, asa-appl-proto |
SG
|
| 502 |
tcp,udp |
|
Modbus, Protocol (unofficial) |
Wikipedia
|
| 502 |
tcp,udp |
mbap |
Modbus Application Protocol, modified: 2014-06-10 |
IANA
|
|
3 records found
|