Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
APP:MISC:VIPA-WINPLC7-BOF |
|---|---|
Severity |
Major |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
APP |
Keywords |
VIPA Controls WinPLC7 recv Stack-based Buffer Overflow |
Release Date |
2017/03/29 |
Update Number |
2846 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
APP: VIPA Controls WinPLC7 recv Stack-based Buffer Overflow
A stack-based buffer overflow exists in VIPA Controls WinPLC7. A remote attacker could exploit this vulnerability by sending maliciously crafted TPKT payloads via TCP to the vulnerable application. Successful exploitation could result in denial of service conditions or, in the worst case, arbitrary code execution in the context of the user running the application.
Extended Description
A Stack Buffer Overflow issue was discovered in VIPA Controls WinPLC7 5.0.45.5921 and prior. A stack-based buffer overflow vulnerability has been identified, where an attacker with a specially crafted packet could overflow the fixed length buffer. This could allow remote code execution.
Affected Products
- Vipa_controls winplc7_firmware 5.0.45.5921
References
- CVE: CVE-2017-5177