Multiple vulnerabilities in FactoryTalk Activation Manager

Descripción

Multiple vulnerabilities were found in FactoryTalk Activation Manager. Malicious users can exploit these vulnerabilities to perform cross-site scripting attack, execute arbitrary code.

Below is a complete list of vulnerabilities:

1. Vulnerability in certain versions of Wibu-Systems CodeMeter can be exploited remotely via specially designed WEB payload to perform cross-site scripting attacks;
2. Out-of-bounds writing vulnerability in custom string copying function of Imgrd.exe can be exploited remotely to execute arbitrary code;

Notas informativas originales

• FactoryTalk Activation Manager Vulnerabilities (need authorization)

Explotación

Public exploits exist for this vulnerability.

Productos relacionados

• FactoryTalk-Activation-Manager

Lista CVE

• CVE-2017-13754
  high
• CVE-2015-8277
  critical

Leer más

Conozca las estadísticas de las vulnerabilidades que se propagan en su región statistics.securelist.com