Intrusion Prevention

Schneider.Electric.Accutech.Manager.HTTP.Buffer.Overflow

Description

This indicates an attack attempt against a Buffer Overflow vulnerability in Schneider Electric's Accutech Manager.
The vulnerability is caused by a lack of boundary checks when the vulnerable software handles an overly large HTTP request. It allows a remote attacker to execute arbitrary code via a crafted HTTP request.

Affected Products

Schneider Electric Accutech Manager 2.x and prior

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
http://www.schneider-electric.com/sites/corporate/en/support/cybersecurity/viewer-news.page?c_filepath=/
templatedata/Content/News/data/en/local/cybersecurity/general_information/2013/01/
20130121_advisory_of_vulnerability_affecting_accutech_manager_software.xml

CVE References

CVE-2013-0658