Remote Code Execution and Denial of Service Vulnerability in Progea Movicon / PowerHMI 11.2.1085 and Earlier

Remote Code Execution and Denial of Service Vulnerability in Progea Movicon / PowerHMI 11.2.1085 and Earlier

CVE-2011-3499 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via an EIDP packet with a large size field, which writes a zero byte to an arbitrary memory location.

Learn more about our Web Application Penetration Testing UK.