CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2014-0789
https://notcve.org/view.php?id=CVE-2014-0789
Multiple buffer overflows in the OPC Automation 2.0 Server Object ActiveX control in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 3.5 and earlier, TLXCDSTOFS33 3.5 and earlier, TLXCDLUOFS33 3.5 and earlier, TLXCDLTOFS33 3.5 and earlier, and TLXCDLFOFS33 3.5 and earlier allow remote attackers to cause a denial of service via long arguments to unspecified functions. Múltiples desbordamientos de buffer en el control OPC Automation 2.0 Server Object ActiveX en Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 3.5 y anteriores, TLXCDSTOFS33 3.5 y anteriores, TLXCDLUOFS33 3.5 y anteriores, TLXCDLTOFS33 3.5 y anteriores y TLXCDLFOFS33 3.5 y anteriores permiten a atacantes remotos causar una denegación de servicio a través de argumentos largos hacia funciones no especificadas. • http://ics-cert.us-cert.gov/advisories/ICSA-14-093-01 http://www.schneider-electric.com/corporate/en/support/cybersecurity/viewer-news.page?c_filepath=/templatedata/Content/News/data/en/local/cybersecurity/general_information/2014/03/20140325_vulnerability_disclosure_opc_factory_server.xml • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 11%CPEs: 21EXPL: 2CVE-2013-0662 – SEIG Modbus 3.4 - Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2013-0662
Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through 3.2 allow remote attackers to execute arbitrary code via a large buffer-size value in a Modbus Application Header. Múltiples desbordamientos de buffer basado en pila en ModbusDrv.exe en Schneider Electric Modbus Serial Driver 1.10 hasta 3.2 permiten a atacantes remotos ejecutar código arbitrario a través de un valor de tamaño de buffer grande en Modbus Application Header. SEIG Modbus version 3.4 suffers from a remote code execution vulnerability. • https://www.exploit-db.com/exploits/45219 https://www.exploit-db.com/exploits/45220 http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202013-070-01 http://ics-cert.us-cert.gov/advisories/ICSA-14-086-01 http://www.securityfocus.com/bid/66500 • CWE-787: Out-of-bounds Write •
CVSS: 6.9EPSS: 19%CPEs: 6EXPL: 0CVE-2014-0774 – Schneider Electric OPC Factory Server OFS Client Stack Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-0774
Stack-based buffer overflow in the C++ sample client in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 - 3.35, TLXCDSTOFS33 - 3.35, TLXCDLUOFS33 - 3.35, TLXCDLTOFS33 - 3.35, and TLXCDLFOFS33 - 3.35 allows local users to gain privileges via vectors involving a malformed configuration file. Desbordamiento de buffer basado en pila en el cliente C++ de ejemplo en Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 - 3.35, TLXCDSTOFS33 - 3.35, TLXCDLUOFS33 - 3.35, TLXCDLTOFS33 - 3.35 y TLXCDLFOFS33 - 3.35 permite a usuarios locales ganar privilegios a través de vectores involucrando un archivo de configuración malformado. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Schneider Electric OFS Client. User interaction is required to exploit this vulnerability in that the target must load a malicious file. The specific flaw exists within the parsing of the configuration file. A crafted configuration file will result in an exploitable stack buffer overflow. • http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-031-01 http://ics-cert.us-cert.gov/advisories/ICSA-14-058-02 http://www.securityfocus.com/bid/65871 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.9EPSS: 0%CPEs: 2EXPL: 0CVE-2014-0759
https://notcve.org/view.php?id=CVE-2014-0759
Unquoted Windows search path vulnerability in Schneider Electric Floating License Manager 1.0.0 through 1.4.0 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character. Vulnerabilidad de búsqueda de ruta en Windows sin entrecomillar en Schneider Electric Floating License Manager 1.0.0 hasta 1.4.0 permite a usuarios locales ganar privilegios a través de una aplicación de caballo de troya con un nombre compuesto de una subcadena inicial de una ruta que contiene un caracter de espacio. • http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-015-01 http://ics-cert.us-cert.gov/advisories/ICSA-14-058-01 •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 0CVE-2013-2824
https://notcve.org/view.php?id=CVE-2013-2824
Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo Citect 7.20 through 7.30SP1, CitectSCADA 7.20 through 7.30SP1, StruxureWare PowerSCADA Expert 7.30 through 7.30SR1, and PowerLogic SCADA 7.20 through 7.20SR1 do not properly handle exceptions, which allows remote attackers to cause a denial of service via a crafted packet. Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo Citect 7.20 hasta 7.30SP1, CitectSCADA 7.20 hasta 7.30SP1, StruxureWare PowerSCADA Expert 7.30 hasta 7.30SR1 y PowerLogic SCADA 7.20 hasta 7.20SR1 no manejan debidamente las excepciones, lo que permite a atacantes remotos causar una denegación de servicio a través de un paquete manipulado. • http://ics-cert.us-cert.gov/advisories/ICSA-13-350-01 http://www.citect.schneider-electric.com/security-DoS •