CVSS2
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS Percentile: 97.8%
Added: 04/20/2011
CVE: CVE-2011-1563
BID: 46937
RealWin is a Supervisory Control and Data Acquisition (SCADA) server which is distributed by DATAC.
A buffer overflow vulnerability in RealWin Server allows remote attackers to execute arbitrary commands by sending a long, specially crafted FC_CTAGLIST_FCS_CADDTAG, FC_CTAGLIST_FCS_CDELTAG or FC_CTAGLIST_FCS_ADDTAGMS packet.
Block access to port 910/TCP.
<http://aluigi.org/adv/realwin_3-adv.txt>
<http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-080-04.pdf>
<http://secunia.com/advisories/43848>
This exploit works against RealFlex RealWin SCADA System 1.6a on Windows Server 2003 SP2 English (DEP OptOut) with KB956802 and KB2393802, and on Windows Server 2008 SP2 English (DEP AlwaysOff).
Windows Server 2003
Windows Server 2008