
CVE-2024-5681
https://notcve.org/view.php?id=CVE-2024-5681
11 Jul 2024 — CWE-20: Improper Input Validation vulnerability exists that could cause local denial-of-service, privilege escalation, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver. CWE-20: Existe una vulnerabilidad de validación de entrada incorrecta que podría causar denegación de servicio local, escalada de privilegios y potencialmente ejecución del kernel cuando un actor malicioso con acceso de usuario local crea un s... • https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-191-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-191-02.pdf • CWE-20: Improper Input Validation •

CVE-2024-5680
https://notcve.org/view.php?id=CVE-2024-5680
11 Jul 2024 — CWE-129: Improper Validation of Array Index vulnerability exists that could cause local denial-of-service when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver. CWE-129: Existe una vulnerabilidad de validación inadecuada del índice de matriz que podría causar denegación de servicio local cuando un actor malicioso con acceso de usuario local crea un script/programa usando una llamada IOCTL en el controlador Foxboro.sys. CWE-129: Improper Validatio... • https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-191-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-191-02.pdf • CWE-129: Improper Validation of Array Index •

CVE-2024-5679
https://notcve.org/view.php?id=CVE-2024-5679
11 Jul 2024 — CWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service, or kernel memory leak when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver. CWE-787: Existe una vulnerabilidad de escritura fuera de los límites que podría causar denegación de servicio local o pérdida de memoria del kernel cuando un actor malintencionado con acceso de usuario local crea un script/programa usando una llamada IOCTL en el controlador Foxbor... • https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-191-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-191-02.pdf • CWE-787: Out-of-bounds Write •

CVE-2023-2570
https://notcve.org/view.php?id=CVE-2023-2570
14 Jun 2023 — A CWE-129: Improper Validation of Array Index vulnerability exists that could cause local denial-of-service, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an unpredictable index to an IOCTL call in the Foxboro.sys driver. A CWE-129: Improper Validation of Array Index vulnerability exists that could cause local denial-of-service, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an unpred... • https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-164-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-164-04.pdf • CWE-129: Improper Validation of Array Index •

CVE-2023-2569
https://notcve.org/view.php?id=CVE-2023-2569
14 Jun 2023 — A CWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service, elevation of privilege, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver. A CWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service, elevation of privilege, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an IOCTL call in ... • https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-164-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-164-04.pdf • CWE-787: Out-of-bounds Write •

CVE-2018-7793
https://notcve.org/view.php?id=CVE-2018-7793
24 Dec 2018 — A Credential Management vulnerability exists in FoxView HMI SCADA (All Foxboro DCS, Foxboro Evo, and IA Series versions prior to Foxboro DCS Control Core Services 9.4 (CCS 9.4) and FoxView 10.5.) which could cause unauthorized disclosure, modification, or disruption in service when the password is modified without permission. Existe una vulnerabilidad de gestión de credenciales en FoxView HMI SCADA (todas las versiones de Foxboro DCS, Foxboro Evo e IA Series anteriores a Foxboro DCS Control Core Services 9.... • https://www.schneider-electric.com/en/download/document/SEVD-2018-353-03 •