Novakon P Series Buffer Overflow Vulnerability Allowing Root Access
Vulnerability
A buffer overflow vulnerability has been identified in the Novakon P Series HMI devices, specifically in version V2001.A.C518o2. This vulnerability allows unauthenticated attackers to gain root privileges remotely. The issue arises from the PSeriesbiosinterface, which is exposed over UDP on port 60681.
Impact
Exploitation of this vulnerability leads to unauthorized remote code execution with root privileges on the affected device.
Reproduction
The vulnerability can be reproduced by sending a crafted UDP packet to port 60681. The packet must be crafted to exploit the buffer overflow, overwriting the return address with a payload that, when executed, spawns a telnet server on the device.
Remediation
No official patch is available. It is recommended to restrict network access to the device and disable Ethernet configuration if serial ports are used for PLC communication.
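An added example, not part of the original advisory or any vendor code: with no patch available, a monitoring check over network flow records can flag UDP datagrams to port 60681 from hosts outside an allowlist, and telnet connections to the same device shortly afterwards. The CSV flow format, the allowlisted address, the 600-second window and telnet on TCP port 23 are assumptions; the sample records are constructed.

```python
import csv
import io
import ipaddress

BIOS_UDP_PORT = 60681   # UDP port named in the advisory
TELNET_PORT = 23        # assumption: the advisory does not name the telnet port
ALLOWED_SOURCES = [ipaddress.ip_network("10.20.0.5/32")]  # assumed engineering workstation
WINDOW_SECONDS = 600    # assumed correlation window

# Constructed sample flow records: epoch,proto,src,dst,dport
SAMPLE_FLOWS = """\
1700000000,udp,10.20.0.5,10.20.1.40,60681
1700000100,udp,10.20.7.99,10.20.1.40,60681
1700000160,tcp,10.20.7.99,10.20.1.40,23
1700000200,tcp,10.20.0.5,10.20.1.41,502
1700005000,tcp,10.20.0.8,10.20.1.40,23
"""

def is_allowed(src):
    """True if the source address is inside an allowlisted network."""
    addr = ipaddress.ip_address(src)
    return any(addr in net for net in ALLOWED_SOURCES)

def analyze(flow_text):
    """Return alerts as (kind, src, dst, timestamp) tuples, in input order."""
    alerts = []
    last_untrusted = {}  # HMI address -> time of last untrusted UDP/60681 datagram
    for row in csv.reader(io.StringIO(flow_text)):
        if len(row) != 5:
            continue  # skip blank or malformed records
        ts, proto, src, dst, dport = int(row[0]), row[1].lower(), row[2], row[3], int(row[4])
        if proto == "udp" and dport == BIOS_UDP_PORT and not is_allowed(src):
            # Any non-allowlisted host reaching the exposed interface is reportable.
            last_untrusted[dst] = ts
            alerts.append(("untrusted-bios-udp", src, dst, ts))
        elif proto == "tcp" and dport == TELNET_PORT and dst in last_untrusted:
            # Telnet to the same device soon after matches the outcome the advisory describes.
            if ts - last_untrusted[dst] <= WINDOW_SECONDS:
                alerts.append(("telnet-after-bios-udp", src, dst, ts))
    return alerts

if __name__ == "__main__":
    for alert in analyze(SAMPLE_FLOWS):
        print(alert)
```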
