CISA

Labcenter Proteus 9

From Cybersecurity and Infrastructure Security Agency ↗

Successful exploitation of these vulnerabilities could disclose information and allow a malicious user to execute arbitrary code on affected installations.

The following versions of Labcenter Proteus 9 are affected:

Proteus 9.1_SP4_Build_42914

Vendor

Equipment

Labcenter Electronics

Labcenter Proteus 9

Out-of-bounds Write, Stack-based Buffer Overflow, Use After Free

Critical Infrastructure Sectors: Communications, Critical Manufacturing, Defense Industrial Base, Energy, Healthcare and Public Health, Transportation Systems, Water and Wastewater

Countries/Areas Deployed: Worldwide

Company Headquarters Location: United Kingdom

The application contains an out-of-bounds write vulnerability that can be exploited by an attacker to cause the program to write data past the end of an allocated memory buffer. This can lead to arbitrary code execution.

Labcenter Proteus 9

MitigationIf...