Stack-based Buffer Overflow in Azeotech DAQFactory Software by Azeotech
CVE-2011-3492

Currently unrated

Key Information:

Vendor: Azeotech
Status: Daqfactory
Vendor: CVE Published:; 16 September 2011

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 70%

What is CVE-2011-3492?

A stack-based buffer overflow vulnerability exists in Azeotech's DAQFactory software versions 5.85 build 1853 and earlier. This flaw allows remote attackers to send specially crafted NETB packets to UDP port 20034, potentially causing a denial of service by crashing the software or executing arbitrary code. It is crucial to patch affected systems to mitigate this risk.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2011-3492 - Proof of Concept

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/69764

vdb-entryx_refsource_XF

http://aluigi.altervista.org/adv/daqfactory_1-adv.txt

x_refsource_MISC

http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-2...

x_refsource_MISC

EPSS Score

70% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Sep 16, 2011
👾
Exploit known to exist
Sep 16, 2011
Vulnerability published
Sep 16, 2011
Vulnerability Reserved
Sep 16, 2011

CVE-2011-3492 Data

JSON