Exploit Code Available for CitectSCADA Vulnerability

In June, US-CERT published Vulnerability Note VU#476345 to alert users of a vulnerability affecting Citect CitectSCADA. This vulnerability is due to a buffer overflow condition in the handling of ODBC requests from clients. Exploit code for this vulnerability is publicly available and exploitation may allow an attacker to execute arbitrary code.

US-CERT encourages users to review Vulnerability Note VU#476345 and apply the patch as described in the document.

Read more: US-CERT Current Activity