The Snap7 Server version 1.4.1 can be crashed when the ItemCount field of the ReadVar or WriteVar functions of the S7 protocol implementation in Snap7 are provided with unexpected input, thus resulting in denial of service attack.
References
Link | Resource |
---|---|
https://sourceforge.net/p/snap7/discussion/bugfix/thread/2d2d085c/ | Third Party Advisory |
Configurations
History
No history.
Information
Published : 2017-11-17 21:29
Updated : 2024-02-04 19:29
NVD link : CVE-2017-1000230
Mitre link : CVE-2017-1000230
CVE.ORG link : CVE-2017-1000230
JSON object : View
Products Affected
snap7_project
- snap7_server
CWE
CWE-20
Improper Input Validation