Ibapda
Monthly
Remote code execution in iba ibaPDA and ibaDatCoordinator allows unauthenticated network attackers to gain full system control by exploiting an unsafe deserialization flaw (CWE-502). The CVSS 4.0 score of 9.3 reflects network-reachable exploitation with no privileges or user interaction and high impact across confidentiality, integrity, and availability. No public exploit identified at time of analysis and the issue is not listed in CISA KEV, but the trivial attack profile makes it a high priority for industrial environments running these data acquisition products.
Remote code execution in iba ibaPDA and ibaDatCoordinator allows unauthenticated network attackers to gain full system control by exploiting an unsafe deserialization flaw (CWE-502). The CVSS 4.0 score of 9.3 reflects network-reachable exploitation with no privileges or user interaction and high impact across confidentiality, integrity, and availability. No public exploit identified at time of analysis and the issue is not listed in CISA KEV, but the trivial attack profile makes it a high priority for industrial environments running these data acquisition products.