PT-2022-8582 · Fieldcomm · Hart-Ip
Reid Wightman · Published 2022-05-19 · Updated 2022-06-02
CVE-2020-16209
CVSS v3.1: 10 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Fieldcomm Group HART-IP version 1.0.0.0
Description
A malicious attacker could exploit the interface by constructing messages with sufficiently large payloads to overflow the internal buffer and crash the device, or obtain control of the device.
Recommendations
For Fieldcomm Group HART-IP version 1.0.0.0, consider implementing input validation to restrict the size of message payloads as a temporary workaround until a patch is available. Restrict access to the device's interface to minimize the risk of exploitation.
Fix
Stack Overflow
Weakness Enumeration
Related Identifiers
Affected Products
Hart-Ip