CVE-2013-0682
published 2013-04-05CVE-2013-0682: Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0…
PriorityP434high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
2.47%
82.5th percentile
Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 do not properly handle exceptions, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed data in a formatted text command, leading to out-of-bounds access to (1) heap or (2) stack memory.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cogentdatahub | cascade_datahub | <= 6.4.21 | — |
| cogentdatahub | cascade_datahub | — | — |
| cogentdatahub | cogent_datahub | <= 7.2.2 | — |
| cogentdatahub | cogent_datahub | — | — |
| cogentdatahub | cogent_datahub | — | — |
| cogentdatahub | cogent_datahub | — | — |
| cogentdatahub | cogent_datahub | — | — |
| cogentdatahub | cogent_datahub | — | — |
| cogentdatahub | cogent_datahub | — | — |
| cogentdatahub | datahub_quicktrend | <= 7.2.2 | — |
| cogentdatahub | opc_datahub | <= 6.4.21 | — |
| cogentdatahub | opc_datahub | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Cogent Real-Time Systems Vulnerabilities
cisa_ics·2014-02-13
Cogent Real-Time Systems Vulnerabilities
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Cogent Real-Time Systems Vulnerabilities
Last RevisedFebruary 13, 2014
Alert CodeICSA-13-095-01
## Overview
Dillon Beresford of Cimation has identified four vulnerabilities in the Cogent Real-Time Systems DataHub application. Cogent has produced an update that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely.
## Affected Products
Cogent Real-Time Systems reports that these vulnerabilities affect the following versions:
- Cogent DataHub Version 7.2.2 and earlier,
- OPC DataHub Version 6.4.21 and earlier,
- Cascade DataHub for Windows Version
GHSA
GHSA-6x93-83cp-mv44: Cogent Real-Time Systems Cogent DataHub before 7
ghsa_unreviewed·2022-05-17
CVE-2013-0682 [HIGH] CWE-119 GHSA-6x93-83cp-mv44: Cogent Real-Time Systems Cogent DataHub before 7
Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 do not properly handle exceptions, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed data in a formatted text command, leading to out-of-bounds access to (1) heap or (2) stack memory.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2013-04-05
Published