CVE-2010-4740

SCADA Engine BACnet OPC Client <1.0.25 - Buffer Overflow

Title source: llm

Description

Stack-based buffer overflow in WTclient.dll in SCADA Engine BACnet OPC Client before 1.0.25 allows user-assisted remote attackers to execute arbitrary code via a crafted .csv file, related to a status log message.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Jeremy Brown · pythonlocalwindows

https://www.exploit-db.com/exploits/15026

View Code ZIP pw:eip

metasploit WORKING POC GOOD

by Jeremy Brown, MC · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/bacnet_csv.rb

View Code ZIP pw:eip

References (6)

[US Government Resource] http://www.us-cert.gov/control_systems/pdf/ICSA-10-264-01.pdf

[Third Party Advisory] http://securityreason.com/securityalert/8083

[Vendor Advisory] http://secunia.com/advisories/41466

[Exploit] http://packetstormsecurity.org/1009-exploits/bacnet-overflow.py.txt

[Exploit] http://www.securityfocus.com/bid/43289

[US Government Resource] http://www.kb.cert.org/vuls/id/660688

Scores

EPSS 0.5830

EPSS Percentile 98.2%

Details

CWE

CWE-119

Status published

Products (1)

scadaengine/bacnet_opc_client < 1.0.24

Published Feb 16, 2011

Tracked Since Feb 18, 2026