Remote Code Execution Vulnerability in Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior)

Remote Code Execution Vulnerability in Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior)

CVE-2021-22802 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in remote code execution due to missing length check on user supplied data, when a constructed message is received on the network. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior)

Learn more about our Network Penetration Testing.