PT-2016-3219 · Ibhsoftec · S7-Softplc

Ariele Caltabiano

Publicado

2016-11-08

Atualizado

2017-02-28

CVE-2016-8364

CVSS v2.0

Crítica

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions IBHsoftec S7-SoftPLC versions prior to 4.12b

Description The issue is caused by a heap-based buffer overflow in the object memory when reading a network packet that is larger than the available space. This can allow a remote attacker to impact the confidentiality, integrity, and availability of protected information.

Recommendations For versions prior to 4.12b, update to version 4.12b or later to resolve the issue. As a temporary workaround, consider restricting access to the network to minimize the risk of exploitation.

Correção

Buffer Overflow

Heap Based Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119CWE-122

Identificadores relacionados

BDU:2017-02585

CVE-2016-8364

ZDI-16-604

Produtos afetados

S7-Softplc

PT-2016-3219 · Ibhsoftec · S7-Softplc

CVE-2016-8364

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6