First published: Fri Mar 01 2019(Updated: )
UltraVNC revision 1211 has multiple improper null termination vulnerabilities in VNC server code, which result in out-of-bound data being accessed by remote users. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212.
Credit: vulnerability@kaspersky.com
Affected Software | Affected Version | How to fix |
---|---|---|
Uvnc Ultravnc | <1.2.2.3 | |
Siemens Sinumerik Access Mymachine\/p2p | <4.8 | |
Siemens Sinumerik Pcu Base Win10 Software\/ipc | <14.00 | |
Siemens Sinumerik Pcu Base Win7 Software\/ipc | <=12.01 | |
Siemens Sinamics Gh150 | ||
Siemens Sinamics Sh150 | ||
Siemens Sinamics Sl150 | ||
Siemens Sinamics Sm120 | ||
Siemens Sinamics Sm150 | ||
Siemens SINAMICS SM150i | ||
Siemens SIMATIC HMI Comfort Outdoor Panels 7’ and 15’ (incl. SIPLUS variants) Update 4 | <16 | 16 |
Siemens SIMATIC HMI Comfort Panels 4’to 22’ (incl. SIPLUS variants) Update 4 | <16 | 16 |
Siemens SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900, and KTP900F Update 4 | <16 | 16 |
Siemens SIMATIC WinCC Runtime Advanced Update 4 | <16 | 16 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.