PT-2011-4213 · Progea · Progea Movicon

Published

2011-07-29

Updated

2011-08-01

CVE-2011-2963

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Progea Movicon versions 11.2 before Build 1084

Description The issue allows remote attackers to obtain sensitive information, delete files, execute arbitrary programs, or cause a denial of service via a crafted packet to TCP port 10651, due to the lack of authentication for critical functions in TCPUploadServer.exe.

Recommendations For Progea Movicon version 11.2 before Build 1084, update to Build 1084 or later to resolve the issue.

Exploit

Fix

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2011-2963

Affected Products

Progea Movicon

PT-2011-4213 · Progea · Progea Movicon

CVE-2011-2963

Weakness Enumeration

Related Identifiers

Affected Products

References · 7