6 results (0.002 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

11 Jul 2024 — CWE-20: Improper Input Validation vulnerability exists that could cause local denial-of-service, privilege escalation, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver. CWE-20: Existe una vulnerabilidad de validación de entrada incorrecta que podría causar denegación de servicio local, escalada de privilegios y potencialmente ejecución del kernel cuando un actor malicioso con acceso de usuario local crea un s... • https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-191-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-191-02.pdf • CWE-20: Improper Input Validation •

CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0

11 Jul 2024 — CWE-129: Improper Validation of Array Index vulnerability exists that could cause local denial-of-service when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver. CWE-129: Existe una vulnerabilidad de validación inadecuada del índice de matriz que podría causar denegación de servicio local cuando un actor malicioso con acceso de usuario local crea un script/programa usando una llamada IOCTL en el controlador Foxboro.sys. CWE-129: Improper Validatio... • https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-191-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-191-02.pdf • CWE-129: Improper Validation of Array Index •

CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0

11 Jul 2024 — CWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service, or kernel memory leak when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver. CWE-787: Existe una vulnerabilidad de escritura fuera de los límites que podría causar denegación de servicio local o pérdida de memoria del kernel cuando un actor malintencionado con acceso de usuario local crea un script/programa usando una llamada IOCTL en el controlador Foxbor... • https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-191-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-191-02.pdf • CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

14 Jun 2023 — A CWE-129: Improper Validation of Array Index vulnerability exists that could cause local denial-of-service, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an unpredictable index to an IOCTL call in the Foxboro.sys driver. A CWE-129: Improper Validation of Array Index vulnerability exists that could cause local denial-of-service, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an unpred... • https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-164-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-164-04.pdf • CWE-129: Improper Validation of Array Index •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

14 Jun 2023 — A CWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service, elevation of privilege, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver. A CWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service, elevation of privilege, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an IOCTL call in ... • https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-164-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-164-04.pdf • CWE-787: Out-of-bounds Write •

CVSS: 8.7EPSS: 0%CPEs: 4EXPL: 0

24 Dec 2018 — A Credential Management vulnerability exists in FoxView HMI SCADA (All Foxboro DCS, Foxboro Evo, and IA Series versions prior to Foxboro DCS Control Core Services 9.4 (CCS 9.4) and FoxView 10.5.) which could cause unauthorized disclosure, modification, or disruption in service when the password is modified without permission. Existe una vulnerabilidad de gestión de credenciales en FoxView HMI SCADA (todas las versiones de Foxboro DCS, Foxboro Evo e IA Series anteriores a Foxboro DCS Control Core Services 9.... • https://www.schneider-electric.com/en/download/document/SEVD-2018-353-03 •