A CVSS v3 base score of 7.5 has been calculated the CVSS vector string is ( AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).Ī remote code execution vulnerability in lmadmin and vendor daemon components allows a remote attacker to corrupt the memory by allocating/deallocating memory, loading lmadmin or the vendor daemon and causing the heartbeat between lmadmin and the vendor daemon to stop. A CVSS v3 base score of 7.5 has been calculated the CVSS vector string is ( AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).Ī denial of service vulnerability related to message decoding in lmadmin and vendor daemon components allows a remote attacker to send a combination of messages to lmadmin or the vendor daemon, causing the heartbeat between lmadmin and the vendor daemon to stop and the vendor daemon to shut down.ĬVE-2018-20032 has been assigned to this vulnerability. Floating License Manager Version 2.3.0.0 and earlierĪ denial of service vulnerability related to preemptive item deletion in lmadmin and vendor daemon components allows a remote attacker to send a combination of messages to lmadmin or the vendor daemon, causing the heartbeat between lmadmin and the vendor daemon to stop and the vendor daemon to shut down.ĬVE-2018-20031 has been assigned to this vulnerability.The following versions of Floating License Manager, used in Vijeo Citect and Citect SCADA, are affected: These vulnerabilities could allow an attacker to deny the acquisition of a valid license for legal use of the product.
Vulnerabilities: Improper Input Validation, Memory Corruption.Equipment: Vijeo Citect and Citect SCADA Floating License Manager.ATTENTION: Exploitable remotely/low skill level to exploit.
0 kommentar(er)
