EUVD-2020-15312

Malware in sbrugna...

CVE-2020-22552

The Snap7 server component in version 1.4.1, when an attacker sends a crafted packet with COTP protocol the last-data-unit flag set to No and S7 writes a var function, the Snap7 server will be crashed...

CVE-2020-22552

The Snap7 server component in version 1.4.1, when an attacker sends a crafted packet with COTP protocol the last-data-unit flag set to No and S7 writes a var function, the Snap7 server will be crashed...

Code injection

The Snap7 server component in version 1.4.1, when an attacker sends a crafted packet with COTP protocol the last-data-unit flag set to No and S7 writes a var function, the Snap7 server will be crashed...

CVE-2020-22552

The Snap7 server component in version 1.4.1, when an attacker sends a crafted packet with COTP protocol the last-data-unit flag set to No and S7 writes a var function, the Snap7 server will be crashed...

CVE-2020-22552

The CVE-2020-22552 issue affects the Snap7 server component, specifically version 1.4.1, where an attacker sending a crafted COTP packet with the last-data-unit flag set to No and triggering a S7 writes a var function can crash the server. The root cause is described in the PT-2020-15480 report, ...

CVE-2020-15158

CVE-2020-15158 affects libIEC61850 up to version 1.4.x; when receiving a COTP message with length

PT-2020-14234 · Unknown +1 · Libiec61850 +1

Name of the Vulnerable Software and Affected Versions: libIEC61850 versions prior to 1.4.3 Description: The issue occurs when a message with a COTP message length field with a value less than 4 is received, leading to an integer underflow and potentially a heap buffer overflow. This can cause an...

Denial of Service Vulnerability in S7 300 Communication Card CP343-1

Siemens PLC CP 343-1 Model 6GK7 343-1EX30-0XE0 Firmware is the communication processor. A denial of service vulnerability exists in Siemens PLC CP 343-1 model 6GK7 343-1EX30-0XE0 firmware version V2.6.0. An attacker can cause the PLC to refuse to reply to a new COTP request from the client,...

COTP Server Detection

Binary data 7158.pasl...

COTP Client Detection

Binary data 7157.pasl...

CVE-2007-2490

Unspecified vulnerability in LiveData Server before 5.00.62 allows remote attackers to cause a denial of service exit via crafted Connection-Oriented Transport Protocol COTP packets...

Code injection

Unspecified vulnerability in LiveData Server before 5.00.62 allows remote attackers to cause a denial of service exit via crafted Connection-Oriented Transport Protocol COTP packets...

CVE-2007-2490

Unspecified vulnerability in LiveData Server before 5.00.62 allows remote attackers to cause a denial of service exit via crafted Connection-Oriented Transport Protocol COTP packets...

CVE-2007-2490

Summary: CVE-2007-2490 affects LiveData Server prior to 5.00.62, with a vulnerability in handling Connection-Oriented Transport Protocol (COTP) packets that can allow a remote attacker to cause a denial of service. The CERT/KB entry (VULN:711420) describes that malformed COTP packets may crash th...

LiveData Server Multiple Remote Vulnerabilities

Binary data scadaiccplivedatados.nbin...

LiveData Server fails to properly handle Connection-Oriented Transport Protocol packets

Overview The LiveData Server fails to handle malformed Connection-Oriented Transport Protocol COTP packets. This vulnerability may allow a remote attacker to crash the LiveData Server. Description The LiveData Server records and transmits data between two or more control systems. The...

ICCP/COTP TSAP Addressing Weakness

Binary data scadaiccpguesscotptsap.nbin...

ICCP/COTP (ISO 8073) Protocol Detection

Binary data scadaiccpcotpdetect.nbin...