ABB HART Device DTM Vulnerability

OVERVIEW Alexander Bolshev of Digital Security has identified an improper input vulnerability in the CodeWrights GmbH HART Device Type Manager DTM library used in ABB’s HART Device DTM. CodeWrights GmbH has addressed the vulnerability with a new library, which ABB have begun to integrate. AFFECTE...

Buffer overflow

Buffer overflow in the Field Device Tool FDT Frame application in the HART Device Type Manager DTM library, as used in MACTek Bullet DTM 1.00.0, GE Vector DTM 1.00.0, GE SVi1000 Positioner DTM 1.00.0, GE SVI II AP Positioner DTM 2.00.1, and GE 12400 Level Transmitter DTM 1.00.0, allows remote...

CVE-2014-9203

The CVE-2014-9203 issue is a buffer overflow in the HART DTM library used by GE and MACTek’s Field Device Tool (FDT) Frame Application, affecting Bullet DTM 1.00.0, Vector DTM 1.00.0, SVi1000 Positioner DTM 1.00.0, SVI II AP Positioner DTM 2.00.1, and 12400 Level Transmitter DTM 1.00.0. The vulne...

CVE-2014-9191

CVE-2014-9191 is an improper input validation vulnerability in CodeWrights HART DTM libraries used by multiple vendors (ABB, Emerson, Honeywell, Magnetrol, Pepperl+Fuchs, etc.). A specially crafted response on the 4–20 mA loop can trigger a buffer overflow, causing the HART DTM component to crash...