The SuiteLink Service (aka slssvc.exe) in WonderWare SuiteLink before 2.0 Patch 01, as used in WonderWare InTouch 8.0, allows remote attackers to cause a denial of service (NULL pointer dereference and service shutdown) and possibly execute arbitrary code via a large length value in a Registration packet to TCP port 5413, which causes a memory allocation failure.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Intouch | Wonderware | 8.0 (including) | 8.0 (including) |
| Suitelink | Wonderware | 2.0 (including) | 2.0 (including) |