SCADA Engine BACnet OPC Server < 2.1.371.24 Multiple Vulnerabilities
High Nessus Plugin ID 82664
SynopsisAn application running on the remote host is affected by multiple vulnerabilities.
DescriptionThe remote host is running a version of SCADA Engine BACnet OPC Server prior to version 2.1.371.24. It is, therefore, affected by multiple vulnerabilities :
- A heap-based buffer overflow exists in the SOAP web interface, which a remote attacker, using a specially crafted packet, can exploit to execute arbitrary code or crash the service. (CVE-2015-0979)
- An vulnerability exists in 'BACnetOPCServer.exe' due to not properly sanitizing user-supplied input. A remote attacker, using format string specifiers, can exploit this to execute arbitrary code or crash the service.
- An authentication bypass flaw exists in the SOAP web interface, which allows a remote attacker to read or write or delete arbitrary database fields.
SolutionUpgrade to SCADA Engine BACnet OPC Server 2.1.371.24 or later.