Eaton Fixes Hole in 9000X Drive

Thursday, July 12, 2018 @ 03:07 PM gHale

Eaton created an update to mitigate a stack-based buffer overflow in its 9000X Drive, according to a report with NCCIC.

Successful exploitation of this vulnerability may allow remote code execution.

RELATED STORIES
Medtronic Updates N’Vision Issues
Siemens Clearing DoS Holes
Universal Robots Remediates Holes
Schweitzer Fixes Multiple Holes

9000X Drive, Versions 2.0.29 and prior suffer from the remotely exploitable vulnerability, discovered by Ghirmay Desta working with Trend Micro’s Zero Day Initiative.

A stack-based buffer overflow vulnerability has been identified, which may allow remote code execution.

CVE-2018-8847 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 5.6.

The product sees use mainly in the energy sector and on a global basis.

No known public exploits specifically target this vulnerability. An attacker with high skill level would be able to exploit the vulnerability.

Dublin, Ireland-based Eaton has released an update for 9000X Drive.



Leave a Reply

You must be logged in to post a comment.