Unrated severityNVD Advisory· Published Jul 29, 2011· Updated Apr 29, 2026

CVE-2011-2963

Description

TCPUploadServer.exe in Progea Movicon 11.2 before Build 1084 does not require authentication for critical functions, which allows remote attackers to obtain sensitive information, delete files, execute arbitrary programs, or cause a denial of service (crash) via a crafted packet to TCP port 10651.

Affected products

Progea/Movicon
cpe:2.3:a:progea:movicon:11.2:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.us-cert.gov/control_systems/pdf/ICSA-11-056-01.pdfnvdPatchUS Government Resource
www.us-cert.gov/control_systems/pdf/ICSA-11-056-01A.pdfnvdPatchUS Government Resource
www.exploit-db.com/exploits/17034nvdExploit
www.securityfocus.com/bid/46907nvdExploit
www.osvdb.org/72888nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.015
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000