Advisories

KLCERT-19-004: UltraVNC Heap-based Buffer Overflow

01 March 2019

UltraVNC revision 1198 has a heap buffer overflow vulnerability in VNC client code, which results in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1199. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code.
KLCERT-19-003: UltraVNC Buffer Underwrite

01 March 2019

UltraVNC revision 1198 has a buffer underflow vulnerability in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1199. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code.
KLCERT-19-002: AVEVA Wonderware System Platform Vulnerability – Unauthorized Access to Credentials

01 March 2019

A vulnerability in AVEVA Wonderware System Platform leads to unauthorized access to credentials. The vulnerability allows unauthorized access to the credentials for the ArchestrA Network User Account.
KLCERT-19-001: DeltaV Authentication Bypass

01 March 2019

Authentication bypass in DVBBaseMP_NoMFC.dll in DeltaV. A remote attacker can bypass authentication in DeltaV and expand the attack surface.
KLCERT-18-037: CodeSYS Control V3 Use of Insufficiently Random Values

19 December 2018

CODESYS communication servers use insufficiently random values.
KLCERT-18-036: CodeSYS Control V3 Improper Communication Address Filtering

19 December 2018

CODESYS routing protocol may disguise the source of crafted communication packets.
KLCERT-18-035: CodeSYS Control V3 Access Control Inactive by Default

19 December 2018

Neither communication encryption nor user authentication is activated by default, but must be activated by the user.
KLCERT-18-034: LibVNC NULL Pointer Dereference

19 December 2018

LibVNC before commit 4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7 contains a null pointer dereference in VNC client code, which can result in DoS. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in 4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7 and later.
KLCERT-18-033: LibVNC Memory leak

19 December 2018

LibVNC before 8b06f835e259652b0ff026898014fc7297ade858 contains a CWE-665: Improper Initialization vulnerability in VNC Repeater client code, which could allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory layout and bypass ASLR. This vulnerability has been fixed in 8b06f835e259652b0ff026898014fc7297ade858 and later.
KLCERT-18-032: LibVNC Multiple Memory Leaks

19 December 2018

LibVNC before 2f5b2ad1c6c99b1ac6482c95844a84d66bb52838 contains multiple CWE-665: Improper Initialization weaknesses in VNC client code, which could allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory layout and bypass ASLR. This vulnerability has been fixed in 2f5b2ad1c6c99b1ac6482c95844a84d66bb52838 and later.