CVE-2012-0245: Buffer Overflow
First published: Fri Mar 09 2012(Updated: )
Multiple stack-based buffer overflows in RobNetScanHost.exe in ABB Robot Communications Runtime before 5.14.02, as used in ABB Interlink Module, IRC5 OPC Server, PC SDK, PickMaster 3 and 5, RobView 5, RobotStudio, WebWare SDK, and WebWare Server, allow remote attackers to execute arbitrary code via a crafted (1) 0xA or (2) 0xE Netscan packet.
Credit: cret@cert.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ABB Interlink Module | ||
| ABB IRC5 OPC Server | ||
| ABB PC SDK | ||
| ABB Pickmaster 3 | ||
| Abb Pickmaster 5 | ||
| ABB RCCMD | <=5.14.01 | |
| ABB RobotStudio Lite | ||
| Abb Robview 5 | ||
| ABB WebWare SDK | ||
| BTCPayServer |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://archives.neohapsis.com/archives/bugtraq/2012-02/0125.html
- http://secunia.com/advisories/48090
- http://www.securityfocus.com/bid/52123
- http://www.us-cert.gov/control_systems/pdf/ICSA-12-059-01.pdf
- http://www.zerodayinitiative.com/advisories/ZDI-12-033/
- http://www05.abb.com/global/scot/scot348.nsf/veritydisplay/f261be074480dc24c12579a00049ecd5/$file/si10227a1%20vulnerability%20security%20advisory.pdf
- http://www05.abb.com/global/scot/scot348.nsf/veritydisplay/f261be074480dc24c12579a00049ecd5/%24file/si10227a1%20vulnerability%20security%20advisory.pdf
Frequently Asked Questions
What is the severity of CVE-2012-0245?
CVE-2012-0245 has a high severity rating due to the potential for remote code execution.
How do I fix CVE-2012-0245?
To fix CVE-2012-0245, upgrade to ABB Robot Communications Runtime version 5.14.02 or later.
What are the affected software versions for CVE-2012-0245?
CVE-2012-0245 affects multiple ABB products, including Interlink Module, IRC5 OPC Server, and RobotStudio prior to specified versions.
Who can exploit the vulnerability identified as CVE-2012-0245?
Remote attackers can exploit CVE-2012-0245 to execute arbitrary code on affected systems.
What types of vulnerabilities are associated with CVE-2012-0245?
CVE-2012-0245 is associated with stack-based buffer overflow vulnerabilities.
- agent/type
- agent/remedy
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/author
- agent/severity
- agent/last-modified-date
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/weakness
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/abb
- canonical/abb interlink module
- canonical/abb irc5 opc server
- canonical/abb pc sdk
- canonical/abb pickmaster 3
- canonical/abb pickmaster 5
- canonical/abb rccmd
- version/abb rccmd/5.14.01
- canonical/abb robotstudio lite
- canonical/abb robview 5
- canonical/abb webware sdk
- canonical/btcpayserver