Buffer Overflow Vulnerability in CitectSCADA and MX4 SCADA by Schneider Electric and Mitsubishi
CVE-2011-5163

Currently unrated

Key Information:

Vendor: Schneider Electric
Status: Citectscada; Mx4 Scada
Vendor: CVE Published:; 15 September 2012

🔔 Create Schneider Electric Vulnerability Alert

What is CVE-2011-5163?

A buffer overflow vulnerability exists in a third-party component of the Batch module for Schneider Electric CitectSCADA and Mitsubishi MX4 SCADA versions prior to 7.20. This flaw allows local users to execute arbitrary code by sending a long string during the login process, potentially compromising the integrity of the system and leading to unauthorized access and control.

References

http://www.citect.com/citectscada-batch

x_refsource_CONFIRM

http://www.osvdb.org/76937

vdb-entryx_refsource_OSVDB

http://www.us-cert.gov/control_systems/pdf/ICSA-11-279-02...

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Sep 15, 2012