Vulnerabilities > CVE-2018-14807 - Out-of-bounds Write vulnerability in Opto22 PAC Control

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

opto22

CWE-787

critical

NVD

Published: 2018-10-18

Updated: 2021-04-26

Summary

A stack-based buffer overflow vulnerability in Opto 22 PAC Control Basic and PAC Control Professional versions R10.0a and prior may allow remote code execution.

Vulnerable Configurations

Part	Description	Count
Application	Opto22 Opto22 PAC Control 8.0 Opto22 PAC Control 8.1 Opto22 PAC Control 8.2 Opto22 PAC Control 8.5 Opto22 PAC Control 9.0 Opto22 PAC Control 9.1 Opto22 PAC Control 9.2 Opto22 PAC Control 9.3 Opto22 PAC Control 9.5 Opto22 PAC Control R10.0	20

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://www.opto22.com/support/resources-tools/knowledgebase/kb87547
https://ics-cert.us-cert.gov/advisories/ICSA-18-247-01