Movicon < 11.2 Build 1084 Multiple Vulnerabilities

high Nessus Plugin ID 52993


The remote Windows host has a SCADA application that is affected by multiple flaws.


The installed version of Movicon is older than 11.2 Build 1084, and hence it is affected by multiple flaws. By sending a specially crafted packet to the TcpUploadServer service (included with Movicon) listening on port 10651, it might be possible for an unauthenticated attacker to crash the service, retrieve sensitive information, or execute arbitrary code on the remote system.


Upgrade to Movicon 11.2 Build 1084 or later.

See Also

Plugin Details

Severity: High

ID: 52993

File Name: scada_movicon_11_2.nbin

Version: 1.51

Type: local

Family: SCADA

Published: 3/25/2011

Updated: 7/19/2022

Risk Information


Risk Factor: Medium

Score: 6.7


Risk Factor: High

Base Score: 7.5

Temporal Score: 6.2

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: E:F/RL:OF/RC:C

Vulnerability Information

Required KB Items: SCADA/Apps/Movicon/Version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 3/15/2011

Vulnerability Publication Date: 3/15/2011

Reference Information

CVE: CVE-2011-2963

BID: 46907

EDB-ID: 17034

ICS-ALERT: 11-056-01, 11-056-01A