Intrusion Prevention

Eaton.HMiSoft.VU3.wTextLen.Stack.Buffer.Overflow

Description

This indicates an attack attempt to exploit a Stack Buffer Overflow Vulnerability in Eaton HmiSoft VU3.
The vulnerability is due to improper handling of the wTextLen element in VU3 files. A remote attacker can exploit this vulnerability by enticing a target user into opening a crafted VU3 file. Successful exploitation could result in the execution of arbitrary code under the security context of the user running HMiSoft.

Affected Products

Eaton HmiSoft VU3 3.00.23 and prior

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://www.us-cert.gov/ics/advisories/icsa-20-105-01

CVE References

CVE-2020-10639

Other References

ICSA-20-105-01