Abb · X87 · CVE-2008-2474
Name of the Vulnerable Software and Affected Versions:
ABB Process Communication Unit 400 (PCU400) versions 4.4 through 4.6
Description:
The issue allows remote attackers to execute arbitrary code via a crafted packet using the (1) IEC60870-5-101 or (2) IEC60870-5-104 communication protocol to the X87 web interface. This is due to a buffer overflow in x87 before version 3.5.5.
Recommendations:
For versions 4.4 through 4.6, update to version 3.5.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the X87 web interface to minimize the risk of exploitation.