ioserver 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
一般的な弱点パターンには バッファオーバーフロー、vendor risk input validation, and パス処理の欠陥 があり、vendor surface software deployment and vendor surface production workloads の利用場面で vendor impact unexpected behavior、アプリケーションクラッシュ, and vendor impact memory corruption などのリスクが生じる可能性があります。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2014-5425 | IOServer before Beta2112.exe allows remote attackers to cause a denial of service (out-of-bounds read and master entry consumption) via a null DNP3 header. | [email protected] | 5.0 | 0.40% | 2014-10-19 | 2026-05-06 |
| CVE-2014-0777 | The Modbus slave/outstation driver in the OPC Drivers 1.0.20 and earlier in IOServer OPC Server allows remote attackers to cause a denial of service (out-of-bounds read and daemon crash) via a crafted packet. | [email protected] | 8.3 | 1.46% | 2014-04-11 | 2026-05-06 |
| CVE-2013-2790 | The master-station DNP3 driver before driver19.exe, and Beta2041.exe, in IOServer allows remote attackers to cause a denial of service (infinite loop) via crafted DNP3 packets to TCP port 20000. | [email protected] | 7.8 | 0.47% | 2013-08-13 | 2026-04-29 |
| CVE-2013-2783 | The DNP3 driver in IOServer drivers 1.0.19.0 allows remote attackers to cause a denial of service (infinite loop) or obtain unspecified control via crafted data to TCP port 20000. | [email protected] | 7.1 | 0.47% | 2013-06-14 | 2026-04-29 |
| CVE-2012-4680 | Directory traversal vulnerability in the XML Server in IOServer before 1.0.19.0, when the Root Directory pathname lacks a trailing \ (backslash) character, allows remote attackers to read arbitrary files or list arbitrary directories via a .. (dot dot) in a URI. | [email protected] | 4.3 | 5.47% | 2012-08-27 | 2026-04-29 |