Metasploit modules that can be used to exploit Scadatec products

Order by Disclosure Date Module Name Module Type
  • ScadaTEC ScadaPhone Stack Buffer Overflow
    Disclosure Date: 2011-09-12
    First seen: 2020-04-26
    exploit/windows/fileformat/scadaphone_zip
    This module exploits a stack-based buffer overflow vulnerability in version 5.3.11.1230 of scadaTEC's ScadaPhone. In order for the command to be executed, an attacker must convince someone to load a specially crafted project zip file with ScadaPhone. By doing so, an attacker can execute arbitrary code as the victim user. Authors: - mr_me <steventhomasseeley@gmail.com>
  • Procyon Core Server HMI Coreservice.exe Stack Buffer Overflow
    Disclosure Date: 2011-09-08
    First seen: 2020-04-26
    exploit/windows/scada/procyon_core_server
    This module exploits a vulnerability in the coreservice.exe component of Proycon Core Server <= v1.13. While processing a password, the application fails to do proper bounds checking before copying data into a small buffer on the stack. This causes a buffer overflow and allows to overwrite a structured exception handling record on the stack, allowing for unauthenticated remote code execution. Also, after the payload exits, Coreservice.exe should automatically recover. Authors: - Knud Hojgaard <keh@nsense.dk> - mr_me <steventhomasseeley@gmail.com>
2 metasploit modules found
Please note: Metasploit modules are only matched by CVE numbers. Visit metasploit web site for more details
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close