Buffer overflow in Schneider Electric IMT25 Magnetic Flow DTM before 1.500.004 for the HART Protocol allows remote authenticated users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HART reply.
Vulnerable Systems:
* Schneider Electric IMT25 Magnetic Flow DTM before 1.500.004
Immune Systems:
* Schneider Electric IMT25 Magnetic Flow DTM 1.500.004 and later
Alexander Bolshev, Gleb Cherbov, and Svetlana Cherkasova of Digital Security have identified a memory corruption vulnerability in the Schneider Electric IMT25 DTM component. Schneider Electric has produced a patch that mitigates this vulnerability. Digital Security has tested this patch to validate that it resolves the vulnerability.