You are here

Opto22 PAC Control Basic and PAC Control Professional (ICSA-18-247-01)

Opto22 PAC Control Basic and PAC Control Professional (ICSA-18-247-01)

Created: Tuesday, September 4, 2018 - 15:53
Categories:
Cybersecurity, Security Preparedness

The NCCIC has released an advisory on a stack-based buffer overflow vulnerability in Opto22 PAC Control Basic and PAC Control Professional. PAC Control Basic versions R10.0a and prior and PAC Control Professional Versions R10.0a and prior are affected. Successful exploitation of this vulnerability could crash the device being accessed, and a buffer overflow condition may then allow remote code execution. Opto22 recommends users upgrade to the newest version. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities. NCCIC/ICS-CERT.