CVE-2017-14855

Name of the Vulnerable Software and Affected Versions Red Lion HMI panels version HMI 2.41 PLC 2.42

Description The issue allows remote attackers to cause a denial of service, resulting in a software exception. This can be achieved by sending an HTTP POST request to a long URI that does not exist.

Recommendations For version HMI 2.41 PLC 2.42, consider restricting access to unknown or unverified HTTP POST requests to prevent the denial of service. As a temporary workaround, limiting the length of accepted URI requests may help mitigate the risk of exploitation.