gmg137 snap7-rs Heap-Based Buffer Overflow Vulnerability in opWriteArea Function

Vulnerability

A heap-based buffer overflow vulnerability has been identified in the gmg137 snap7-rs library, affecting versions up to 1.142.1. The issue arises in the TSnap7MicroClient::opWriteArea function within s7_micro_client.cpp. This vulnerability can be exploited remotely, allowing attackers to manipulate the function's input and cause a heap overflow.

Impact

Exploitation of this vulnerability leads to a heap-based buffer overflow, where the overflowed memory can be controlled by an attacker, potentially allowing for arbitrary code execution or causing a crash.

Reproduction

The vulnerability can be reproduced by calling the 'ct_write' method of the 'S7Client' class with a crafted payload whose size parameter is not bounds-checked. A fuzzing tool targeting the 'snap7_rs' library can trigger the condition.

Added: Dec 14, 2025, 5:17 PM
Updated: Dec 14, 2025, 5:17 PM

Vulnerability Rating (Custom Algorithm)

Category        Score
spread          0.0
impact          10.0
exploitability  8.7
remediation     0.0
relevance       1.4
threat          6.4
urgency         2.9
incentive       5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.