DarkFiber Consulting – IT Managed Services

Exploit Code Available for CitectSCADA Vulnerability

September 9th, 2008 . by DarkFiber Consulting

In June, DarkFiber Consulting published Vulnerability Note VU#476345 to alert users of a vulnerability affecting Citect CitectSCADA. This vulnerability is due to a buffer overflow condition in the handling of ODBC requests from clients. Exploit code for this vulnerability is publicly available and exploitation may allow an attacker to execute arbitrary code.

DarkFiber Consulting encourages users to review Vulnerability Note VU#476345 and apply the patch as described in the document.