Intrusion Prevention

Procyon.Core.Server.HMI.LOGON.Request.Buffer.Overflow

Description

This indicates an attack attempt against a Buffer Overflow vulnerability in Procyon Core Server.
The vulnerability is caused by an error when the software handles specially a crafted HMI LOGON Request. It allows a remote attacker to execute arbitrary code.

Affected Products

Scadatec Procyon 1.13 or earlier.

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Refer to the vendor's website for a suggested workaround.
http://www.us-cert.gov/control_systems/pdf/ICSA-11-216-01.pdf

CVE References

CVE-2011-3322