Intrusion PreventionEaton.HMiSoft.VU3.wTextLen.Stack.Buffer.Overflow
Description
This indicates an attack attempt to exploit a Stack Buffer Overflow Vulnerability in Eaton HmiSoft VU3.
The vulnerability is due to improper handling of the wTextLen element in VU3 files. A remote attacker can exploit this vulnerability by enticing a target user into opening a crafted VU3 file. Successful exploitation could result in the execution of arbitrary code under the security context of the user running HMiSoft.
Affected Products
Eaton HmiSoft VU3 3.00.23 and prior
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://www.us-cert.gov/ics/advisories/icsa-20-105-01
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2020-06-18 | 15.867 | Sig Added |
| 2020-06-11 | 15.863 | Sig Added |
| 2020-06-09 | 15.861 | Default_action:pass:drop |
| 2020-06-01 | 15.854 |
References
ICSA-20-105-01| ID | 49042 |
| Created | Jun 01, 2020 |
| Updated | May 02, 2022 |
| Risk |
|
| CVE ID | CVE-2020-10639 |
| Exploit Prediction Score | 1.77% |
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | SCADA |