Schneider Electric Accutech Manager RFManagerService Heap Overflow

Critical Nessus Plugin ID 65603


The remote host is affected by a heap overflow vulnerability.


The remote host has a version of Schneider Electric Accutech Manager installed that is affected by a heap overflow vulnerability. By sending a specially crafted GET request to the RFManagerService listening on port 2537, an attacker could cause the service to crash or execute arbitrary code.


Upgrade to Schneider Electric Accutech Manager 2.00.2 or later.

Plugin Details

Severity: Critical

ID: 65603

File Name: scada_schneider_electric_accutech_manager_2_0_2.nbin

Version: $Revision: 1.22 $

Type: local

Family: SCADA

Published: 2013/03/18

Modified: 2018/01/29

Dependencies: 65602

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:schneider-electric:accutech_manager

Required KB Items: SCADA/Apps/Accutech/Manager/Version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2013/02/11

Vulnerability Publication Date: 2013/01/21

Exploitable With

Core Impact

Reference Information

CVE: CVE-2013-0658

BID: 57651

OSVDB: 89691

EDB-ID: 24474

ICSA: 13-043-01