The NCCIC has released an advisory on an stack-based buffer overflow vulnerability in Teledyne DALSA Sherlock. Version 7.2.7.4 and prior are affected. Successful exploitation of this vulnerability could crash the device being accessed; a buffer overflow condition may allow remote code execution. Teledyne DALSA recommends users upgrade to Sherlock Version 7.2.7.5 or later. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities. NCCIC/ICS-CERT.