Our new Biannual ICS Risk & Vulnerability Report is the most up-to-date look at CVEs disclosed in OT devices.
Check it out!
CWE-787: OUT-OF-BOUNDS WRITE Many API function codes receive raw pointers remotely from the user and trust these pointers as valid in-bound memory regions. An attacker can manipulate API functions by writing arbitrary data into the resolved address of a raw pointer. Successful exploitation of these vulnerabilities could allow an attacker to achieve remote code execution, and acquire complete remote control over the machine. Read: “Claroty, Auvesy Coordinate Disclosure on Versiondog Vulnerabilities”