CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
90.2%
Heap-based buffer overflow in Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a negative Content-Length field.
Vendor | Product | Version | CPE |
---|---|---|---|
progea | movicon_powerhmi | * | cpe:2.3:a:progea:movicon_powerhmi:*:*:*:*:*:*:*:* |
progea | movicon_powerhmi | 11 | cpe:2.3:a:progea:movicon_powerhmi:11:*:*:*:*:*:*:* |
progea | movicon_powerhmi | 11.0.1017 | cpe:2.3:a:progea:movicon_powerhmi:11.0.1017:*:*:*:*:*:*:* |