7-Technologies IGSS < 184.108.40.20643 ODBC Remote Memory Corruption
Critical Nessus Plugin ID 54645
SynopsisThe remote Windows host contains a SCADA application that is affected by a memory corruption vulnerability.
DescriptionThe installed version of IGSS from 7-Technologies is earlier than 220.127.116.1143. As such, it potentially has a memory corruption error in the Open Database Connectivity (ODBC) component listening on TCP port 20222.
Using specially crafted packets, an unauthenticated, remote attacker could leverage this issue to execute arbitrary code with administrative privileges.
SolutionApply the IGSS Update to upgrade to IGSS version 18.104.22.16843 or later.