Trihedral VTScada 6.5 through 9.x <= 9.1.19, 10.x <= 10.2.21, and 11.x <= 11.1.08 Remote Denial of Service
High Nessus Network Monitor Plugin ID 8609
Synopsis: A vulnerable VTScada server has been detected.
Description: Trihedral VTScada versions 6.5 through 9.1.19, 10.x through 10.2.21, and 11.x through 11.1.08 contain a denial of service vulnerability caused by an integer overflow condition due to inadequately validated user input. A remote and unauthenticated attacker could cause the VTScada server to crash by sending a specially crafted packet to the VTScada server.
Solution: Trihedral has released three updated versions of VTScada that resolve this issue: 11.1.09, 10.2.22, and 9.1.20. Upgrade the software per the vendor's recommendations.