Lucene search

[email protected]CVE-2011-4041

HistoryFeb 06, 2012 - 8:55 p.m.

CVE-2011-4041

2012-02-0620:55:02

CWE-94

[email protected]

web.nvd.nist.gov

cve-2011-4041

webvrpcs.exe

advantech

broadwin webaccess

remote code execution

rpc

tcp port 4592

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

Low

0.122 Low

EPSS

Percentile

95.4%

JSON

webvrpcs.exe in Advantech/BroadWin WebAccess allows remote attackers to execute arbitrary code or obtain a security-code value via a long string in an RPC request to TCP port 4592.

Affected configurations

NVD

Node

broadwinwebaccess

CPENameOperatorVersion
broadwin:webaccessbroadwin webaccesseq*

CPE	Name	Operator	Version
broadwin:webaccess	broadwin webaccess	eq	*

References

reversemode.com/index.php?option=com_content&task=view&id=72&Itemid=1

www.reversemode.com/downloads/exploit_advantech.zip

www.reversemode.com/downloads/Scada_Trojans_Ruben_Rootedcon.pdf

www.securityfocus.com/archive/1/517117

www.securityfocus.com/bid/47008

www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-081-01.pdf

www.us-cert.gov/control_systems/pdf/ICSA-11-094-02A.pdf

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

Low

0.122 Low

EPSS

Percentile

95.4%

JSON

Related for CVE-2011-4041

nvd1 cvelist1 prion1 ics1 nessus1