CVSS: 5.3 • EPSS: 0% • CPEs: 9 • EXPL: 0

Schneider Electric Telvent Sage 2300 RTUs with firmware before C3413-500-S01, and LANDAC II-2, Sage 1410, Sage 1430, Sage 1450, Sage 2400, and Sage 3030M RTUs with firmware before C3414-500-S02J2, allow remote attackers to obtain sensitive information from device memory by reading a padding field of an Ethernet packet.

• https://ics-cert.us-cert.gov/advisories/ICSA-16-070-01
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CVSS: 9.0 • EPSS: 2% • CPEs: 4 • EXPL: 1

Schneider Electric Struxureware Building Operations Automation Server AS 1.7 and earlier and AS-P 1.7 and earlier allows remote authenticated administrators to execute arbitrary OS commands by defeating an msh (aka Minimal Shell) protection mechanism.

• https://www.exploit-db.com/exploits/39522
• http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2016-025-01
• https://ics-cert.us-cert.gov/advisories/ICSA-16-061-01
• CWE-284: Improper Access Control

CVSS: 10.0 • EPSS: 7% • CPEs: 13 • EXPL: 0

Stack-based buffer overflow in the GoAhead Web Server on Schneider Electric Modicon M340 PLC BMXNOx and BMXPx devices allows remote attackers to execute arbitrary code via a long password in HTTP Basic Authentication data.

• http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-344-01
• http://www.securityfocus.com/bid/79622
• https://ics-cert.us-cert.gov/advisories/ICSA-15-351-01
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 6.8 • EPSS: 15% • CPEs: 1 • EXPL: 0

The F1BookView ActiveX control in F1 Bookview in Schneider Electric ProClima before 6.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted integer value to the (1) AttachToSS, (2) CopyAll, (3) CopyRange, (4) CopyRangeEx, or (5) SwapTable method, a different vulnerability than CVE-2015-7918.

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Schneider Electric ProClima. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation of the CopyRangeEx method of the F1BookView ActiveX control. The method accepts an integer value and interprets it as the address of a structure in memory.

• http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-329-01
• http://www.zerodayinitiative.com/advisories/ZDI-15-626
• http://www.zerodayinitiative.com/advisories/ZDI-15-627
• http://www.zerodayinitiative.com/advisories/ZDI-15-628
• http://www.zerodayinitiative.com/advisories/ZDI-15-629
• https://ics-cert.us-cert.gov/advisories/ICSA-15-335-02
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 6.8 • EPSS: 41% • CPEs: 1 • EXPL: 0

Multiple buffer overflows in the F1BookView ActiveX control in F1 Bookview in Schneider Electric ProClima before 6.2 allow remote attackers to execute arbitrary code via the (1) Attach, (2) DefinedName, (3) DefinedNameLocal, (4) ODBCPrepareEx, (5) ObjCreatePolygon, (6) SetTabbedTextEx, or (7) SetValidationRule method, a different vulnerability than CVE-2015-8561.

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Schneider Electric ProClima. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation of the SetTabbedTextEx method of the F1BookView control. Memory corruption occurs when a long string is passed by the user to the method.

• http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-329-01
• http://www.zerodayinitiative.com/advisories/ZDI-15-625
• http://www.zerodayinitiative.com/advisories/ZDI-15-630
• http://www.zerodayinitiative.com/advisories/ZDI-15-631
• http://www.zerodayinitiative.com/advisories/ZDI-15-632
• http://www.zerodayinitiative.com/advisories/ZDI-15-633
• http://www.zerodayinitiative.com/advisories/ZDI-15-634
• http://www.zerodayinitiative.com/advisories/ZDI-15-635
• https://ics-cert.us-cert.gov/advisori
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer