Short Name |
APP:MISC:VIPA-WINPLC7-BOF |
---|---|
Severity |
Major |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
APP |
Keywords |
VIPA Controls WinPLC7 recv Stack-based Buffer Overflow |
Release Date |
2017/03/29 |
Update Number |
2846 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
A stack-based buffer overflow exists in VIPA Controls WinPLC7. A remote attacker could exploit this vulnerability by sending maliciously crafted TPKT payloads via TCP to the vulnerable application. Successful exploitation could result in denial of service conditions or, in the worst case, arbitrary code execution in the context of the user running the application.
A Stack Buffer Overflow issue was discovered in VIPA Controls WinPLC7 5.0.45.5921 and prior. A stack-based buffer overflow vulnerability has been identified, where an attacker with a specially crafted packet could overflow the fixed length buffer. This could allow remote code execution.