Yokogawa iDefine, STARDOM, ASTPLANNER, and TriFellows (ICSA-18-233-01) – Product Used in the Energy Sector

The NCCIC has released an advisory on a stack-based buffer overflow vulnerability in Yokogawa iDefine, STARDOM, ASTPLANNER, and TriFellows. Multiple products and versions of these products are affected. Successful exploitation of this vulnerability may allow arbitrary code execution, or the stopping of the license management function. Yokogawa recommends users update or patch the affected products. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities. NCCIC/ICS-CERT.