WellinTech KingHistorian SORBAx64.dll RecvPacket integer conversion vulnerability
We discussed this vulnerability during Episode 200 on 28 March 2023
A high performance, but apparently low security library for some industrial software, root cause is the use of a signed comparison of a value that is then used as an unsigned size value in a memcpy. End result being a much too large copy, overflowing the destination buffer.