QwikSec

Security Database

CVE

CWE

Training

CVE-2011-3322

Published: Sep 15, 2011

Modified: Aug 6, 2024

PUBLISHED

Description

Core Server HMI Service (Coreservice.exe) in Scadatec Limited Procyon SCADA 1.06, and other versions before 1.14, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long password to the Telnet (TCP/23) port, which triggers an out-of-bounds read or write, leading to a stack-based buffer overflow.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

exploit

x_refsource_EXPLOIT-DB

procyon-telnet-bo(69632)

vdb-entry

x_refsource_XF

http://www.stratsec.net/Research/Advisories/Procyon-Core-Server-HMI-Remote-Stack-Overflow

x_refsource_MISC

third-party-advisory

x_refsource_SECUNIA

http://www.uscert.gov/control_systems/pdf/ICSA-11-216-01.pdf

x_refsource_MISC

third-party-advisory

x_refsource_SREASON

vdb-entry

x_refsource_OSVDB

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.