KLA10502
Multiple vulnerabilities in BACnet OPC Server
Обновлено: 17/06/2019
Дата обнаружения
16/03/2015
Уровень угрозы
Critical
Описание

Multiple critical vulnerabilities have been found in BACnet OPC Server. Malicious users can exploit these vulnerabilities to execute arbitrary files and read&write local database.

Below is a complete list of vulnerabilities

  1. An unknwon vulnerabilities can be exploited remotely via unknown vectors related to SOAP web interface;
  2. Heap-based buffer overflow and format string vulnerability can be exploited remotely via a specially designed packet or string.
Пораженные продукты

BACnet OPC Server versions earlier than 2.1.371.24

Решение

Update to the latest version!
Get BACnet OPC Server

Оказываемое влияние
?
ACE 
[?]

OSI 
[?]
CVE-IDS
CVE-2015-09817.5Critical
CVE-2015-09799.0Critical
CVE-2015-09809.0Critical