CodeWrights GmbH HART Device DTM Vulnerability (Update C)

OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-15-012-01B CodeWrights GmbH HART DTM Vulnerability that was published January 27, 2015, on the NCCIC/ICS-CERT web site. Alexander Bolshev of Digital Security has identified an improper input validation vulnerability...

Buffer overflow

Buffer overflow in the Field Device Tool FDT Frame application in the HART Device Type Manager DTM library, as used in MACTek Bullet DTM 1.00.0, GE Vector DTM 1.00.0, GE SVi1000 Positioner DTM 1.00.0, GE SVI II AP Positioner DTM 2.00.1, and GE 12400 Level Transmitter DTM 1.00.0, allows remote...

CVE-2014-9191

CVE-2014-9191 is an improper input validation vulnerability in CodeWrights HART DTM libraries used by multiple vendors (ABB, Emerson, Honeywell, Magnetrol, Pepperl+Fuchs, etc.). A specially crafted response on the 4–20 mA loop can trigger a buffer overflow, causing the HART DTM component to crash...