1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Rockwell Automation
- Equipment: AADvance Standalone OPC-DA Server
- Vulnerabilities: Improper Input Validation, Use of Externally Controlled Format String
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code in the affected product.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following versions of Rockwell Automation AADvance Standalone OPC-DA Server are affected:
- AADvance Standalone OPC-DA Server: Versions v2.01.510 and later
3.2 Vulnerability Overview
3.2.1 IMPROPER INPUT VALIDATION CWE-20
An arbitrary code execution vulnerability exists in the affected product. The log4net config file does not disable XML external entities.
CVE-2018-1285 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
3.2.2 USE OF EXTERNALLY CONTROLLED FORMAT STRING CWE-134
An arbitrary code execution vulnerability exists in the affected product. The vulnerability occurs due to a vulnerable component, the format string in log4net.
CVE-2006-0743 has been assigned to this vulnerability. A CVSS v3.1 base score of 5.3 has been calculated; the CVSS vector string is (This article has been indexed from All CISA Advisories