ABB WebWare Server RobNetScanHost.exe Stack Buffer Overflow

Added: 03/01/2012
CVE: CVE-2012-0245
BID: 52123
OSVDB: 79476


ABB provides power and automation technology solutions including robots and related software. ABB WebWare Server is a web-based manufacturing support system designed to facilitate a wide range of production management tasks, including managing communication with connected robot controllers.


WebWare Server (4.6 through 4.91) for Windows is vulnerable to a buffer overflow in the RobNetScanHost service when processing incoming announcements about robot controller availability on the subnet. By sending a specially crafted packet to the server, a remote attacker could possibly execute arbitrary code on the vulnerable target.


Apply patches as described in ABB Vulnerability Security Advisory ABB-VU-DMRO-38599.



This exploit has been tested on ABB WebWare Server 4.91 on Microsoft Windows XP SP3 English (DEP OptIn) with no further patches.



Back to exploit index