Buffer overflow in Progea Movicon_powerhmi

CVE-2011-3499

Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via an EIDP packet with a large size field, which writes a zero byte to…

Vulnerability class: Buffer Overflow

EPSS: 0.541 (98.1th percentile) — read the EPSS interpretation.

Affected products

Progea Movicon_powerhmi — versions 11, 11.0.1017
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

cve@mitre.org (Exploit, x_refsource_MISC)
movicon-eidp-dos(69789) (vdb-entry, x_refsource_XF)
cve@mitre.org (US Government Resource, x_refsource_MISC)