What is CVE-2008-4322?

CVE-2008-4322 is a vulnerability in N/a. Published 2008-09-29.

Is CVE-2008-4322 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2008-4322

Stack-based buffer overflow in RealFlex Technologies Ltd. RealWin Server 2.0, as distributed by DATAC, allows remote attackers to execute arbitrary code via a crafted FC_INFOTAG/SET_CONTROL packet.

EPSS: 0.742 (98.9th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework

References

realwin-scada-fcinfotagsetcontrol-bo(45465) (vdb-entry, x_refsource_XF)
reversemode.com/index.php (x_refsource_MISC)
20080926 DATAC RealWin 2.0 SCADA Software - Remote PreaAuth Exploit (mailing-list, x_refsource_BUGTRAQ)
32055 (x_refsource_SECUNIA, third-party-advisory)
31418 (vdb-entry, x_refsource_BID)
VU#976484 (x_refsource_CERT-VN, third-party-advisory)
ADV-2008-2694 (vdb-entry, x_refsource_VUPEN)

Frequently asked questions

What is CVE-2008-4322?: CVE-2008-4322 is a vulnerability in N/a. Published 2008-09-29.
Is CVE-2008-4322 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.