Описание
Heap-based buffer overflow in BKCLogSvr.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via crafted UDP packets.
Heap-based buffer overflow in BKCLogSvr.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via crafted UDP packets.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2014-0781
- https://community.rapid7.com/community/metasploit/blog/2014/03/10/yokogawa-centum-cs3000-vulnerabilities
- https://www.cisa.gov/news-events/ics-advisories/icsa-14-070-01a
- http://ics-cert.us-cert.gov/advisories/ICSA-14-070-01
- http://www.securityfocus.com/bid/66130
- http://www.yokogawa.com/dcs/security/ysar/dcs-ysar-index-en.htm.
Связанные уязвимости
nvd
почти 12 лет назад
Heap-based buffer overflow in BKCLogSvr.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via crafted UDP packets.
CVSS3: 8.8
fstec
больше 5 лет назад
Уязвимость службы “BKCLogSvr.exe” программных продуктов Yokogawa, связанная с выходом операции за границу буфера в памяти, позволяющая нарушителю повысить свои привилегии и выполнить произвольный код