Scadaengine: Security Vulnerabilities
The SOAP web interface in SCADA Engine BACnet OPC Server before 2.1.371.24 allows remote attackers to bypass authentication and read or write to arbitrary database fields via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.026
Published
2015-03-14
Format string vulnerability in BACnOPCServer.exe in the SOAP web interface in SCADA Engine BACnet OPC Server before 2.1.371.24 allows remote attackers to execute arbitrary code via format string specifiers in a request.
CVSS Score
9.0
EPSS Score
0.036
Published
2015-03-14
Heap-based buffer overflow in the SOAP web interface in SCADA Engine BACnet OPC Server before 2.1.371.24 allows remote attackers to execute arbitrary code via a crafted packet.
CVSS Score
9.0
EPSS Score
0.046
Published
2015-03-14
Stack-based buffer overflow in WTclient.dll in SCADA Engine BACnet OPC Client before 1.0.25 allows user-assisted remote attackers to execute arbitrary code via a crafted .csv file, related to a status log message.
CVSS Score
9.3
EPSS Score
0.416
Published
2011-02-16