CVE-2007-4473

Name of the Vulnerable Software and Affected Versions Gesytec Easylon OPC Server versions prior to 2.3.44

Description The issue allows remote attackers to execute arbitrary code or cause a denial of service via unspecified network traffic to the OLE for Process Control (OPC) interface. This is probably related to free operations on arbitrary memory addresses through certain Remove functions, and read and write operations on arbitrary memory addresses through certain Set, Read, and Write functions.

Recommendations For versions prior to 2.3.44, update to version 2.3.44 or later to resolve the issue. As a temporary workaround, consider restricting access to the OPC interface to minimize the risk of exploitation.