CVE-2014-9190

Critical CVSS 10.0

Overview

Stack-based buffer overflow in Schneider Electric Wonderware InTouch Access Anywhere Server 10.6 and 11.0 allows remote attackers to execute arbitrary code via a request for a filename that does not exist.

CWE: CWE-121 Published: 2015-01-10T02:59:33.693

Risk analysis

This vulnerability is rated 🔴 CRITICAL.

CVSS: 10.0 (CRITICAL)
Detected tags: buffer, rce (tag impact: VERY HIGH)

Recommended actions:

Patch/upgrade immediately (remote code execution).
Reduce exposure (WAF/segmentation), minimize attack surface.

Overview

Recommended tools

Tags