ID
VAR-201109-0403
TITLE
Multiple vulnerabilities in Progea Movicon/PowerHMI
Trust: 0.6
sources:
CNVD: CNVD-2011-3682
DESCRIPTION
Movicon was developed by the famous Italian automation software provider PROGEA. Movicon is the new third generation (Scada/HMI) industrial monitoring software. Progea Movicon/PowerHMI is vulnerable to overflow vulnerabilities due to insufficient restrictions on the Content-Length field. An attacker could exploit this vulnerability to execute arbitrary code to achieve the purpose of the attack
Trust: 0.72
sources:
CNVD: CNVD-2011-3682 //
IVD: 974fb8a8-1f88-11e6-abef-000c29c66e3d
IOT TAXONOMY
| category: | ['ICS'] | sub_category: | - | Trust: 0.8 |
sources:
IVD: 974fb8a8-1f88-11e6-abef-000c29c66e3d //
CNVD: CNVD-2011-3682
AFFECTED PRODUCTS
| vendor: | progea | model: | movicon/powerhmi | scope: | lte | version: | <=11.2.1085 | Trust: 0.8 |
sources:
IVD: 974fb8a8-1f88-11e6-abef-000c29c66e3d //
CNVD: CNVD-2011-3682
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||
|
|
sources:
IVD: 974fb8a8-1f88-11e6-abef-000c29c66e3d
TYPE
Buffer overflow
Trust: 0.2
sources:
IVD: 974fb8a8-1f88-11e6-abef-000c29c66e3d
EXTERNAL IDS
| db: | CNVD | id: | CNVD-2011-3682 | Trust: 0.8 |
| db: | EXPLOIT-DB | id: | 17842 | Trust: 0.6 |
| db: | IVD | id: | 974FB8A8-1F88-11E6-ABEF-000C29C66E3D | Trust: 0.2 |
sources:
IVD: 974fb8a8-1f88-11e6-abef-000c29c66e3d //
CNVD: CNVD-2011-3682
REFERENCES
| url: | http://www.exploit-db.com/exploits/17842/ | Trust: 0.6 |
sources:
CNVD: CNVD-2011-3682
SOURCES
| db: | IVD | id: | 974fb8a8-1f88-11e6-abef-000c29c66e3d |
| db: | CNVD | id: | CNVD-2011-3682 |
LAST UPDATE DATE
2022-05-17T01:43:33.432000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2011-3682 | date: | 2011-09-15T00:00:00 |
SOURCES RELEASE DATE
| db: | IVD | id: | 974fb8a8-1f88-11e6-abef-000c29c66e3d | date: | 2011-09-15T00:00:00 |
| db: | CNVD | id: | CNVD-2011-3682 | date: | 2011-09-15T00:00:00 |