PT-2022-2282 · Unknown · Interactive Graphical Scada System Data Server

Published

2022-02-08

Updated

2022-02-17

CVE-2022-24310

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Interactive Graphical SCADA System Data Server versions V15.0.0.22020 and prior

Description The issue is caused by an integer overflow or wraparound, leading to a heap-based buffer overflow. This could allow a remote attacker to cause a denial of service or potentially execute arbitrary code by sending specially crafted messages.

Recommendations For versions V15.0.0.22020 and prior, update to a version that fixes the integer overflow issue to prevent potential remote code execution and denial of service. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190

Related Identifiers

BDU:2022-02453

CVE-2022-24310

Affected Products

Interactive Graphical Scada System Data Server

PT-2022-2282 · Unknown · Interactive Graphical Scada System Data Server

CVE-2022-24310

Weakness Enumeration

Related Identifiers

Affected Products

References · 4