The Schneider Electric InduSoft Web Studio (IWS) or InTouch Machine Edition (ITME) running on the remote host is affected by a remote code execution vulnerability due to a stack overflow condition when handling Opcode 50 in the TCPIP server listening on the default port 1234. An unauthenticated, remote attacker can exploit this issue, via a specially crafted packet, to execute arbitrary code.
Binary data scada_schneider_electric_iws_itme_opcode_50_stack_overflow.nbin
Vendor | Product | Version | CPE |
---|---|---|---|
schneider_electric | wonderware_intouch_machine_edition | x-cpe:/a:schneider_electric:wonderware_intouch_machine_edition | |
schneider_electric | indusoft_web_studio | cpe:/a:schneider_electric:indusoft_web_studio |