CVE-2025-15234

High
Proof-of-Concept

Schneider Electric EcoStruxure SCADA Buffer Overflow

PERIMETER DEVICE RISK
8.6

CVSS v3.1 Base Score

High severity — Prioritize remediation

AV: Network
AC: Medium
Auth: None

A stack-based buffer overflow exists in the Modbus TCP handler of EcoStruxure Control Expert. A crafted Modbus request with an oversized function code payload overwrites the return address on the stack. No authentication is required. Impact includes full SCADA system compromise and unauthorized manipulation of process variables. Exploitation complexity is moderate because newer systems enable ASLR.

Status
Proof-of-Concept
Complexity

Medium

Auth Required

No

Initial Access

Modbus TCP connection (TCP/502)

Known Techniques
  • Oversized Modbus function code 43 (Read Device Identification) with crafted MEI payload
  • Stack smashing via overlong register write request (function code 16)
Published: 2025-02-03
Modified: 2025-02-10
Vendor: Schneider Electric
CWE: CWE-121
Stack-based Buffer Overflow
Risk Summary
Overall Risk: High
Exploitation: Proof-of-Concept
Detection: High coverage
Detection Rate: 94%
Rules Available: 2
Industry Sectors