EOSCoreScada.exe in C3-ilex EOScada before 11.0.19.2 allows remote attackers to cause a denial of service (daemon restart) by sending data to TCP port (1) 5050 or (2) 24004. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
eosfailoverservice.exe in C3-ilex EOScada before 11.0.19.2 allows remote attackers to obtain sensitive cleartext information via a session on TCP port 12000. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.