Remote Code Execution Vulnerability in Invensys Wonderware HMI Reports

Remote Code Execution Vulnerability in Invensys Wonderware HMI Reports

CVE-2011-4039 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

Invensys Wonderware HMI Reports 3.42.835.0304 and earlier, as used in Ocean Data Systems Dream Report before 4.0 and other products, allows user-assisted remote attackers to execute arbitrary code via a malformed file that triggers a "write access violation."

Learn more about our User Device Pen Test.