CVE-2011-4050
published 2011-12-27CVE-2011-4050: Buffer overflow in 7-Technologies (7T) Interactive Graphical SCADA System (IGSS) 9.0.0.11200 allows remote attackers to cause a denial of service via a crafted…
PriorityP341medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
21.15%
97.3th percentile
Buffer overflow in 7-Technologies (7T) Interactive Graphical SCADA System (IGSS) 9.0.0.11200 allows remote attackers to cause a denial of service via a crafted packet to TCP port 12401.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| 7t | igss | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Detect exploitation attempts by monitoring for crafted TCP packets sent to port 12401 targeting IGSSdataServer.exe; anomalous or malformed packet content on this port is indicative of CVE-2011-4050 exploitation. ↗
- →Alert on unexpected crashes or termination of the IGSSdataServer.exe process, especially when preceded by inbound TCP connections on port 12401. ↗
- ·The Metasploit auxiliary module notes the DoS was confirmed for versions <= 9.0.0.10306, and is expected (but untested) to also affect version <= 9.0.0.11200; detections should cover both version ranges. ↗
- ·No known public exploits specifically targeted this vulnerability at time of advisory publication; however, a Metasploit auxiliary DoS module exists. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-mg3g-9wrp-3q2x: Buffer overflow in 7-Technologies (7T) Interactive Graphical SCADA System (IGSS) 9
ghsa_unreviewed·2022-05-17
CVE-2011-4050 [MEDIUM] CWE-119 GHSA-mg3g-9wrp-3q2x: Buffer overflow in 7-Technologies (7T) Interactive Graphical SCADA System (IGSS) 9
Buffer overflow in 7-Technologies (7T) Interactive Graphical SCADA System (IGSS) 9.0.0.11200 allows remote attackers to cause a denial of service via a crafted packet to TCP port 12401.
CISA ICS
7-Technologies Data Server Denial of Service
cisa_ics·2013-08-12
7-Technologies Data Server Denial of Service
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
7-Technologies Data Server Denial of Service
Last RevisedAugust 12, 2013
Alert CodeICSA-11-335-01
## Overview
ICS-CERT originally released advisory “ICSA-11-335-01P - 7-Technologies Data Server Denial of Service” in the US-CERT secure portal on December 01, 2011. This web page release was delayed to allow users time to download and install the update.
Security researcher UCQ from the Cyber Defense Institute, Inc. has identified a buffer overflow vulnerability in the 7-Technologies (7T) IGSS Data Server application.
ICS-CERT has coordinated with 7T, which has produced a patch t
No detection rules found.
No writeups or analysis indexed.
2011-12-27
Published