#VU7096 Resource exhaustion in VTScada - CVE-2017-6043
Published: June 15, 2017
Vulnerability identifier: #VU7096
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2017-6043
CWE-ID: CWE-400
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
VTScada
VTScada
Software vendor:
Trihedral Engineering Ltd
Trihedral Engineering Ltd
Description
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to improper input validation. A remote attacker can trigger resource exhaustion and cause the target system to crash.
Successful exploitation of the vulnerability results in denial of service.
The weakness exists due to improper input validation. A remote attacker can trigger resource exhaustion and cause the target system to crash.
Successful exploitation of the vulnerability results in denial of service.
Remediation
Update to version 11.2.26.