10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.303 Low
EPSS
Percentile
97.0%
Added: 10/03/2008
CVE: CVE-2008-4322
BID: 31418
OSVDB: 48606
RealWin is a Supervisory Control and Data Acquisition (SCADA) server which is distributed by DATAC.
A buffer overflow vulnerability in RealWin Server allows remote attackers to execute arbitrary commands by sending a long, specially crafted FC_INFOTAG/SET_CONTROL packet.
Block access to port 910/TCP.
<http://archives.neohapsis.com/archives/bugtraq/2008-09/0297.html>
Exploit works on DATAC Control RealWin SCADA System 2.0.
Windows 2000
Windows Server 2003