SCADA: Measuresoft ScadaPro Service Remote Code Execution
This signature detects attempts to exploit a known flaw in Measuresoft ScadaPro. Versions 4.0.0 and earlier are vulnerable to several different buffer overflows and input sanitation attacks. A successful attack could result in arbitrary code execution, information disclosure, or a denial of service (DoS) of the targeted device.
Extended Description
Measuresoft ScadaPro is prone to multiple security vulnerabilities. Exploiting these issues could allow remote attackers to perform unauthorized actions using directory traversal strings or to execute arbitrary code or commands within the context of the affected application. Failed attempts will likely cause denial-of-service conditions.
Affected Products
Measuresoft scadapro
Short Name
SCADA:MEASURESOFT-SCADAPRO-RCE
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
SCADA
Keywords
CVE-2011-3490 CVE-2011-3495 CVE-2011-3496 CVE-2011-3497 Code Execution Measuresoft Remote ScadaPro Service bid:49613
Release Date
11/14/2012
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3382
Port
TCP/11234
False Positive
Unknown
Vendors
Measuresoft
CVSS Score
10.0