Vulnerability Note VU#343971
ABB PCU400 vulnerable to buffer overflow
ABB PCU400 contains a vulnerability which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.
The ABB PCU400 application serves as a communication gateway between RTUs that use the IEC-870-5-104 protocol and the SCADA server. The diagnostic web application contains a software flaw which allows an attacker to gain full access on the PCU400 server by sending a specially crafted packet to the X87 web interface on TCP port 8087.
Note that this issue affects PCU400 installations running the IEC60870-5-101/104 protocol based on X87.
A remote attacker may be able to execute arbitrary code with the privileges of the account running the x87 application.
Upgrade or Patch
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|ABB||Affected||-||08 Oct 2008|
CVSS Metrics (Learn More)
This issue was reported by Eyal Udassin and Idan Ofrat of C4 Security.
This document was written by Chris Taschner.
- CVE IDs: CVE-2008-2474
- Date Public: 25 Sep 2008
- Date First Published: 25 Sep 2008
- Date Last Updated: 03 Mar 2009
- Severity Metric: 3.28
- Document Revision: 22
If you have feedback, comments, or additional information about this vulnerability, please send us email.