Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Apache PLC4X 0.9.0 Buffer overflow in PLC4C via crafted server response
Vulnerability Description
Apache PLC4X - PLC4C (Only the C language implementation was effected) was vulnerable to an unsigned integer underflow flaw inside the tcp transport. Users should update to 0.9.1, which addresses this issue. However, in order to exploit this vulnerability, a user would have to actively connect to a mallicious device which could send a response with invalid content. Currently we consider the probability of this being exploited as quite minimal, however this could change in the future, especially with the industrial networks growing more and more together.
CVSS Information
N/A
Vulnerability Type
内存缓冲区边界内操作的限制不恰当
Vulnerability Title
Apache PLC4X - PLC4C 数字错误漏洞
Vulnerability Description
Apache PLC4X - PLC4C是美国阿帕奇(Apache)基金会的一个工业通信协议通用适配器。 Apache PLC4X-PLC4C(只有C语言版本受到影响)0.9.1之前版本存在安全漏洞。要利用此漏洞,用户必须主动连接到恶意设备,该设备可能发送包含无效内容的响应。目前,我们认为该漏洞被利用的概率非常小,但这种情况在未来可能会改变,特别是随着工业网络越来越多地结合在一起。
CVSS Information
N/A
Vulnerability Type
N/A