PT-2017-16365 · Vipa Controls · Winplc7

James Fitts

Published

2017-02-28

Updated

2017-09-16

CVE-2017-5177

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions VIPA Controls WinPLC7 versions 5.0.45.5921 and prior

Description A Stack Buffer Overflow issue has been discovered, allowing an attacker with a specially crafted packet to overflow the fixed length buffer, potentially enabling remote code execution.

Recommendations For VIPA Controls WinPLC7 versions 5.0.45.5921 and prior, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Stack Overflow

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-121CWE-119

Related Identifiers

CVE-2017-5177

ZDI-17-112

Affected Products

Winplc7

PT-2017-16365 · Vipa Controls · Winplc7

CVE-2017-5177

Weakness Enumeration

Related Identifiers

Affected Products

References · 6