The NCCIC has released an advisory on type confusion and stack-based buffer overflow vulnerabilities in Schneider Electric GUIcon Eurotherm. Version 2.0 of this product is affected. Successful exploitation of these vulnerabilities may allow an attacker to execute code with privileges within the context of the application. Schneider Electric recommends upgrading to GUIcon Version 2.0 Software Package (Gold Build 683.003), which includes fixes for these vulnerabilities. The NCCIC also advises on a series of mitigating measures for these vulnerabilities. NCCIC/ICS-CERT.