CWE-20: Improper Input Validation vulnerability exists that could lead to loss of confidentiality of controller memoryafter a successful Man-In-The-Middle attack followed by sending a crafted Modbus function call used to tamperwith memory.