Skip to main content

PcapPlusPlus EUVDEUVD-2026-40152

| CVE-2026-13590 LOW
Buffer Overflow (CWE-119)
2026-06-29 cna@vuldb.com GHSA-r3g9-96ff-r4rp
2.9
CVSS 4.0 · Vendor: vuldb

Severity by source

Vendor (vuldb) PRIMARY
2.9 MEDIUM
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
5.6 MEDIUM

Network-reachable Modbus parser requires no auth or interaction (PR:N/UI:N), but AC:H reflects the heap manipulation complexity; no scope change and only limited C/I/A impact.

3.1 AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
4.0 AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Primary rating from Vendor (vuldb).

CVSS VectorVendor: vuldb

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

1
Analysis Generated
Jun 29, 2026 - 17:32 vuln.today

DescriptionCVE.org

A security flaw has been discovered in seladb PcapPlusPlus 25.05. This impacts the function pcpp::ModbusLayer::getLength in the library Packet++/header/ModbusLayer.h of the component Modbus Protocol Handler. The manipulation of the argument length results in heap-based buffer overflow. The attack can be launched remotely. A high complexity level is associated with this attack. The exploitability is said to be difficult. The exploit has been released to the public and may be used for attacks. The patch is identified as 4c90c3e3418a2b09dc82b7ca5775e9c1e22fe454. Applying a patch is advised to resolve this issue.

AnalysisAI

Heap-based buffer overflow in PcapPlusPlus 25.05 allows remote, unauthenticated attackers to corrupt heap memory by sending a crafted Modbus TCP packet containing a malformed length field to applications using the library's pcpp::ModbusLayer::getLength() parser. The CVSS 4.0 score of 2.9 reflects the high attack complexity (AC:H) required to exploit the flaw reliably, with impact capped at low across confidentiality, integrity, and availability. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Send crafted Modbus TCP packet with oversized length field
Delivery
Application passes packet to pcpp::ModbusLayer::getLength()
Exploit
Function uses unvalidated length in heap memory operation
Execution
Heap buffer overflow overwrites adjacent memory
Impact
Achieve limited heap corruption with partial C/I/A impact

Vulnerability AssessmentAI

Exploitation Exploitation requires that the target application uses PcapPlusPlus version 25.05 (or another version containing the vulnerable `ModbusLayer::getLength` implementation) and actively parses Modbus TCP protocol packets from an attacker-reachable network source. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 base score of 2.9, combined with the E:P (proof-of-concept) supplement, accurately reflects a vulnerability that is theoretically reachable remotely but practically difficult to exploit. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker with network access to an application passively capturing or actively parsing Modbus TCP traffic via PcapPlusPlus sends a single crafted Modbus packet in which the MBAP length field contains a value exceeding the actual packet buffer size. When the application processes this packet, `pcpp::ModbusLayer::getLength()` uses the unsanitized length value in a heap memory operation, writing beyond the allocated buffer boundary. …
Remediation The upstream fix is available as commit 4c90c3e3418a2b09dc82b7ca5775e9c1e22fe454 on the PcapPlusPlus GitHub repository, merged via PR #2159 (https://github.com/seladb/PcapPlusPlus/pull/2159). … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-40152 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy