Heap-based Buffer Overflow Vulnerability in Emerson Ovation OCR400 Controller 3.3.1 and Earlier
CVE-2019-10965 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
In Emerson Ovation OCR400 Controller 3.3.1 and earlier, a heap-based buffer overflow vulnerability in the embedded third-party FTP server involves improper handling of a long command to the FTP service, which may cause memory corruption that halts the controller or leads to remote code execution and escalation of privileges.
Learn more about our Cis Benchmark Audit For Server Software.