AutomationDirect C-more EA9 HMI Buffer Overflow Vulnerability Allowing Denial-of-Service and Remote Code Execution

Vulnerability

AutomationDirect C-more EA9 HMI, in versions through 6.79, copies attacker-supplied input into a fixed-size buffer without checking the input's size against that buffer (CWE-120, "Buffer Copy without Checking Size of Input", the classic buffer overflow). Because the length is never validated, there is no bounds check for an attacker to defeat: an over-long input simply overruns the buffer and overwrites whatever lies beyond it. Depending on what that memory holds, the result is a crash of the device (denial of service) or, if control data is overwritten, execution of attacker-chosen code on the HMI.
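The following is an added illustration of the bug class described above, not AutomationDirect's code and not the actual C-more EA9 input path. It assumes a made-up request format (a one-byte length followed by that many bytes of operator name) and a made-up device-side layout (a 16-byte name field immediately followed by a one-byte privilege flag). The vulnerable parser checks the length only against the bytes it received, never against the destination field, so a 17-byte name overwrites the flag; the fixed parser refuses the request before copying anything.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/*
 * Illustrative only (not AutomationDirect code). Models CWE-120, buffer copy
 * without checking size of input, with a constructed request format:
 *
 *     +--------+------------------+
 *     | len(1) | name (len bytes) |
 *     +--------+------------------+
 *
 * The "device" keeps the name in a fixed 16-byte field that is directly
 * followed by a one-byte privilege flag. Both live in one byte array so the
 * overwrite caused by an over-long copy is observable without stepping
 * outside any C object (no undefined behaviour in the demo itself).
 */
#define NAME_LEN 16
#define SLOT_LEN (NAME_LEN + 1)          /* name field + privilege byte */

typedef struct {
    unsigned char slot[SLOT_LEN];        /* [0..15] name, [16] privilege */
} session_t;

static unsigned char privilege(const session_t *s) { return s->slot[NAME_LEN]; }

typedef int (*name_parser_t)(session_t *, const unsigned char *, size_t);

/* Vulnerable form: the length byte comes from the request and is only
 * checked against the bytes actually received, never against NAME_LEN. */
int parse_name_vulnerable(session_t *s, const unsigned char *req, size_t req_len)
{
    if (req_len < 1) return -1;
    size_t len = req[0];
    if (len > req_len - 1) return -1;    /* truncated request */
    memcpy(s->slot, req + 1, len);       /* CWE-120: len may exceed NAME_LEN */
    return 0;
}

/* Hardened form: validate the length against the destination, then copy. */
int parse_name_fixed(session_t *s, const unsigned char *req, size_t req_len)
{
    if (req_len < 1) return -1;
    size_t len = req[0];
    if (len > req_len - 1) return -1;    /* truncated request */
    if (len > NAME_LEN) return -2;       /* over-long name: refuse, copy nothing */
    memcpy(s->slot, req + 1, len);
    memset(s->slot + len, 0, NAME_LEN - len);   /* keep the field NUL-padded */
    return 0;
}

/* Feeds a constructed over-long request (17 name bytes: sixteen 'A' and a
 * final 0x01) to the given parser. Returns the parser's result code and
 * reports the privilege byte observed afterwards through *priv_after. */
int run_overlong_request(name_parser_t parser, unsigned char *priv_after)
{
    unsigned char req[1 + NAME_LEN + 1];
    req[0] = NAME_LEN + 1;               /* claims one byte more than the field */
    memset(req + 1, 'A', NAME_LEN);
    req[1 + NAME_LEN] = 0x01;            /* the byte that lands on the flag */

    session_t s;
    memset(&s, 0, sizeof s);             /* starts as an unprivileged session */
    int rc = parser(&s, req, sizeof req);
    *priv_after = privilege(&s);
    return rc;
}

int main(void)
{
    unsigned char priv;
    int rc;

    rc = run_overlong_request(parse_name_vulnerable, &priv);
    printf("vulnerable parser: rc=%d privilege=%u (flag overwritten)\n", rc, priv);

    rc = run_overlong_request(parse_name_fixed, &priv);
    printf("fixed parser:      rc=%d privilege=%u (request rejected)\n", rc, priv);
    return 0;
}
```

The one-byte flag stands in for whatever really follows an unchecked buffer on the device: a saved return address or function pointer turns the same overwrite into code execution, and a pointer that is later dereferenced turns it into a crash. The fix is the same in every case: compare the attacker-controlled length with the capacity of the destination before the copy, and fail closed.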

Impact

Exploitation could crash the HMI, leaving operators without their view of, and control over, the process it fronts (denial of service), or give the attacker remote code execution on the device, from which the HMI's connections to controllers and the plant network are reachable.

Remediation

Update the C-more EA9 HMI software and firmware to version 6.80, which fixes the issue, and confirm the installed version afterwards. Where an immediate update is not possible, reduce exposure until it is: isolate the HMI from external networks and place it behind a firewall that admits only the hosts that need to reach it; restrict physical and logical access to authorized personnel; apply application whitelisting and endpoint protection where the platform supports them; monitor and log access to the device so that unexpected connections are noticed; keep tested backups of the HMI project and configuration so a compromised or crashed panel can be restored; and reassess the risk regularly. For details, see the AutomationDirect security advisory.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 4.5
impact: 7.5
exploitability: 7.0
remediation: 7.9
relevance: 0.0
threat: 0.1
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.