CVE-2011-5163
Mitsubishi MX4 SCADA and Schneider Electric CitectSCADA < 7.20 - Buffer Overflow via Long Login String
Title source: llmDescription
Buffer overflow in an unspecified third-party component in the Batch module for Schneider Electric CitectSCADA before 7.20 and Mitsubishi MX4 SCADA before 7.20 allows local users to execute arbitrary code via a long string in a login sequence.
References (7)
Core 7
Core References
Various Sources x_refsource_confirm
http://www.citect.com/citectscada-batch
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/76937
US Government Resource x_refsource_misc
http://www.us-cert.gov/control_systems/pdf/ICSA-11-279-02.pdf
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/46779
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1026306
Various Sources x_refsource_confirm
https://my.mitsubishi-automation.com/downloads_show.php?portal_id=1&doc_type=safety&scat=2&sstr=MX4%2CSCADA
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/46786
Scores
EPSS
0.0016
EPSS Percentile
37.1%
Details
CWE
CWE-119
Status
published
Products (2)
mitsubishi-automation/mx4_scada
< 7.10
schneider-electric/citectscada
< 7.10
Published
Sep 15, 2012
Tracked Since
Feb 18, 2026