Multiple critical vulnerabilities have been found in BACnet OPC Server. Malicious users can exploit these vulnerabilities to execute arbitrary files and read&write local database.

Below is a complete list of vulnerabilities

1. An unknwon vulnerabilities can be exploited remotely via unknown vectors related to SOAP web interface;
2. Heap-based buffer overflow and format string vulnerability can be exploited remotely via a specially designed packet or string.

BACnet OPC Server versions earlier than 2.1.371.24

Update to the latest version!
Get BACnet OPC Server