CyberSec.Space Logo
CVEブラウザに戻る

CVE-2014-9192

HIGH
7.8
CVSS Severity Score
EPSS Score0.1810%
EPSS Percentile15.48th
Published2014年12月11日
Last Modified2026年5月6日

Vulnerability Description

Integer overflow in Trihedral Engineering VTScada (formerly VTS) 6.5 through 9.x before 9.1.20, 10.x before 10.2.22, and 11.x before 11.1.07 allows remote attackers to cause a denial of service (server crash) via a crafted request, which triggers a large memory allocation.

Affected Platforms (CPE)

📦
Trihedral

Vtscada

>= 6.5 and < 9.1.20
📦
Trihedral

Vtscada

>= 10.0 and < 10.2.22
📦
Trihedral

Vtscada

>= 11.0 and < 11.1.07

References & Advisories

🔗 http://www.securityfocus.com/bid/71591
🔗 http://www.trihedral.com/help/#Op_Welcome/Wel_UpgradeNotes.htm
🔗 https://www.cisa.gov/news-events/ics-advisories/icsa-14-343-02
🔗 http://www.securityfocus.com/bid/71591
🔗 https://ics-cert.us-cert.gov//advisories/ICSA-14-343-02

関連する脆弱性情報

CVE-2016-45329.1

Directory traversal vulnerability in the WAP interface in Trihedral VTScada (formerly VTS) 8.x through 11.x before 11.2.02 allows ...

CVE-2016-45109.1

The WAP interface in Trihedral VTScada (formerly VTS) 8.x through 11.x before 11.2.02 allows remote attackers to bypass authentica...

CVE-2017-140317.8

An Improper Access Control issue was discovered in Trihedral VTScada 11.3.03 and prior. A local, non-administrator user has privil...

CVE-2017-140297.8

An Uncontrolled Search Path Element issue was discovered in Trihedral VTScada 11.3.03 and prior. The program will execute speciall...