Signature Detail

APP: ABB Products RobNetScanHost.exe Stack Buffer Overflow

This signature detects attempts to exploit a known vulnerability in ABB Product. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the application.

Extended Description

Multiple ABB products are prone to a stack-based buffer-overflow vulnerability because they fail to perform adequate boundary checks on user-supplied data. Attackers may exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. The following products and versions are affected: • ABB Interlink Module versions 4.6 through 4.9 • IRC5 OPC Server versions up to and including 5.14.01 • PC SDK versions up to and including 5.14.01 • PickMaster 3 versions up to and including 3.3 • PickMaster 5 versions up to and including 5.13 • Robot Communications Runtime versions up to and including 5.14.01 • RobotStudio versions supporting IRC5 up to and including 5.14.01 • RobView 5 • WebWare SDK versions 4.6 through 4.9 • WebWare Server versions 4.6 through 4.91

Affected Products

• Abb interlink_module 4.6
• Abb interlink_module 4.9
• Abb irc5_opc_server 5.14.01
• Abb pc_sdk 5.14.01
• Abb pickmaster_3 3.3
• Abb pickmaster_5 5.13
• Abb robot_communications_runtime 5.14.01
• Abb robotstudio 5.14.01
• Abb robview_5
• Abb webware_sdk 4.6
• Abb webware_sdk 4.9
• Abb webware_server 4.6
• Abb webware_server 4.91

References

• BugTraq: 52123
• CVE: CVE-2012-0245