NETxAutomation Information for VU#296593

NETxAutomation NETxEIB OPC Server fails to properly validate OPC server handles

Status

Affected

Vendor Statement

NETxAutomation is dedicated to continuous improvement of product quality and reliability.

Background

Normally EIB IP Networks are private networks with restricted access and are not connected to any other network. In this case only a physical intruder is able to exploit this vulnerability.

Nonetheless we corrected this in our new version 3.0.1300 immediately.

Solution

We released a patch for version 3.0. Customers can contact us by email at support@netxautomation.com to receive the patch.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.