N/A

A heap-based buffer overflow vulnerability exists in the OTA Update u-download functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A series of specially-crafted MQTT payloads can lead to remote code execution. An attacker must perform a man-in-the-middle attack in order to trigger this vulnerability.

N/A

堆缓冲区溢出

Sealevel Systems SeaConnect 370W 缓冲区错误漏洞

Sealevel Systems SeaConnect 370W是美国Sealevel Systems公司的一款工业物联网（Iiot）边缘设备。用于远程监视和控制实际 I/O 进程的状态。 Sealevel Systems SeaConnect 370W 中存在缓冲区错误漏洞，该漏洞源于产品的 OTA Update u-download功能未对内存边界做有效限制。攻击者可通过特制的网络包导致远程代码执行。以下产品及版本受到影响：Sealevel Systems SeaConnect 370W v1.3.3

N/A

N/A