First published: Sat Dec 30 2017(Updated: )
Red Lion HMI panels allow remote attackers to cause a denial of service (software exception) via an HTTP POST request to a long URI that does not exist, as demonstrated by version HMI 2.41 PLC 2.42.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Redlion Hmi Panel Firmware | =2.41 | |
Redlion Hmi Panel |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-14855 is a vulnerability in Red Lion HMI panels that allows remote attackers to cause a denial of service (software exception) via an HTTP POST request to a long non-existent URI.
The severity of CVE-2017-14855 is high, with a CVSS score of 8.6 (out of 10).
CVE-2017-14855 affects Red Lion HMI panels by allowing remote attackers to cause a denial of service (software exception) via an HTTP POST request to a long non-existent URI.
To fix CVE-2017-14855, users should update their Red Lion HMI panel firmware to a version that addresses this vulnerability.
More information about CVE-2017-14855 can be found at the following link: http://misteralfa-hack.blogspot.cl/2017/12/red-lion-guru-mode-cve-2017-14855.html