CVE-2011-3143

Use-after-free vulnerability in Control Microsystems ClearSCADA 2005, 2007, and 2009 before R2.3 and R1.4, as used in SCX before 67 R4.5 and 68 R3.9, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified long strings that trigger heap memory corruption.

Published: 2011-08-16 Last update: 2026-04-29 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2011-3143 is rated High Risk (67.3/100): CVSS Critical severity, with high exploitation likelihood (EPSS 5.99%, 92th percentile). EPSS ranks this CVE among the most likely to be exploited in the near term. High exploitation likelihood—assess exposure and prioritize remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2011-3143

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-06-15 15.51% 5.99% -9.53%
2 2026-02-17 5.53% 15.51% +9.98%
3 2026-02-15 5.53%

Full EPSS history (12 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2011-3143

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
10.0 2.0 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:L)
Exploitation conditions are straightforward and predictable.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:C)
Complete confidentiality impact.
Integrity impact (I:C)
Complete integrity impact.
Availability impact (A:C)
Complete availability impact.
 10.0 10.0 [email protected]

Weakness enumeration for CVE-2011-3143

Affected software / configurations for CVE-2011-3143

Vendor Product Version Raw CPE
aveva clearscada 2005 cpe:2.3:a:aveva:clearscada:2005:*:*:*:*:*:*:*
aveva clearscada 2007 cpe:2.3:a:aveva:clearscada:2007:*:*:*:*:*:*:*
aveva clearscada 2009 cpe:2.3:a:aveva:clearscada:2009:*:*:*:*:*:*:*
schneider-electric scx_67 < r4.5 cpe:2.3:a:schneider-electric:scx_67:*:*:*:*:*:*:*:*
schneider-electric scx_68 < r3.9 cpe:2.3:a:schneider-electric:scx_68:*:*:*:*:*:*:*:*

References for CVE-2011-3143

URL Tags
http://secunia.com/advisories/44955 Third Party Advisory
http://www.digitalbond.com/scadapedia/vulnerability-notes/heap-overflow-vulnerability/ Broken Link Third Party Advisory
http://www.osvdb.org/72989 Broken Link
http://www.securityfocus.com/bid/46312 Third Party Advisory VDB Entry
http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01.pdf Patch Third Party Advisory US Government Resource
http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01A.pdf Patch Third Party Advisory US Government Resource
cvelogic Threat Intelligence