Details of VAR-200809-0455

ID

VAR-200809-0455

TITLE

RealWin SCADA Server Remote Stack Overflow Vulnerability

Trust: 1.0

sources: IVD: 7d79a981-463f-11e9-80ce-000c29342cb1 // IVD: 25b570ac-1fd3-11e6-abef-000c29c66e3d // CNVD: CNVD-2008-4625

DESCRIPTION

RealWin is a data acquisition and monitoring control system (SCADA) server product running on the Windows platform. If a remote attacker sends a specially crafted FC_INFOTAG / SET_CONTROL message to the RealWin server, it can trigger a stack overflow and cause arbitrary code execution. The RealWin server uses a proprietary protocol to accept connections from FlewWin clients and can exploit this vulnerability without having valid credentials

Trust: 0.9

sources: CNVD: CNVD-2008-4625 // IVD: 7d79a981-463f-11e9-80ce-000c29342cb1 // IVD: 25b570ac-1fd3-11e6-abef-000c29c66e3d

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 1.0

sources: IVD: 7d79a981-463f-11e9-80ce-000c29342cb1 // IVD: 25b570ac-1fd3-11e6-abef-000c29c66e3d // CNVD: CNVD-2008-4625

AFFECTED PRODUCTS

vendor:

none

model:

scope:

version:

Trust: 0.6

sources: CNVD: CNVD-2008-4625

CVSS

SEVERITY

CVSSV2

CVSSV3

IVD:	7d79a981-463f-11e9-80ce-000c29342cb1
value:	HIGH
Trust: 0.2
IVD:	25b570ac-1fd3-11e6-abef-000c29c66e3d
value:	HIGH
Trust: 0.2

IVD:	7d79a981-463f-11e9-80ce-000c29342cb1
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
IVD:	25b570ac-1fd3-11e6-abef-000c29c66e3d
severity:	NONE
baseScore:	NONE
vectorString:	NONE
accessVector:	NONE
accessComplexity:	NONE
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	UNKNOWN
Trust: 0.2

sources: IVD: 7d79a981-463f-11e9-80ce-000c29342cb1 // IVD: 25b570ac-1fd3-11e6-abef-000c29c66e3d

TYPE

Buffer overflow

Trust: 0.4

sources: IVD: 7d79a981-463f-11e9-80ce-000c29342cb1 // IVD: 25b570ac-1fd3-11e6-abef-000c29c66e3d

EXTERNAL IDS

db:	CNVD	id:	CNVD-2008-4625	Trust: 1.0
db:	IVD	id:	7D79A981-463F-11E9-80CE-000C29342CB1	Trust: 0.2
db:	IVD	id:	25B570AC-1FD3-11E6-ABEF-000C29C66E3D	Trust: 0.2

sources: IVD: 7d79a981-463f-11e9-80ce-000c29342cb1 // IVD: 25b570ac-1fd3-11e6-abef-000c29c66e3d // CNVD: CNVD-2008-4625

SOURCES

db:	IVD	id:	7d79a981-463f-11e9-80ce-000c29342cb1
db:	IVD	id:	25b570ac-1fd3-11e6-abef-000c29c66e3d
db:	CNVD	id:	CNVD-2008-4625

LAST UPDATE DATE

2022-05-17T01:41:48.763000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2008-4625

date:

2008-09-27T00:00:00

SOURCES RELEASE DATE

db:	IVD	id:	7d79a981-463f-11e9-80ce-000c29342cb1	date:	2008-09-26T00:00:00
db:	IVD	id:	25b570ac-1fd3-11e6-abef-000c29c66e3d	date:	2008-09-26T00:00:00
db:	CNVD	id:	CNVD-2008-4625	date:	2008-09-26T00:00:00