CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-5560
https://notcve.org/view.php?id=CVE-2024-5560
CWE-125: Out-of-bounds Read vulnerability exists that could cause denial of service of the device’s web interface when an attacker sends a specially crafted HTTP request. CWE-125: Existe una vulnerabilidad de lectura fuera de los límites que podría causar denegación de servicio de la interfaz web del dispositivo cuando un atacante envía una solicitud HTTP especialmente manipulada. • https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-05&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-163-05.pdf • CWE-125: Out-of-bounds Read •
CVSS: 5.3EPSS: 0%CPEs: 9EXPL: 0CVE-2015-6485
https://notcve.org/view.php?id=CVE-2015-6485
Schneider Electric Telvent Sage 2300 RTUs with firmware before C3413-500-S01, and LANDAC II-2, Sage 1410, Sage 1430, Sage 1450, Sage 2400, and Sage 3030M RTUs with firmware before C3414-500-S02J2, allow remote attackers to obtain sensitive information from device memory by reading a padding field of an Ethernet packet. Schneider Electric Telvent Sage 2300 RTUs con firmware anterior a C3413-500-S01 y LANDAC II-2, Sage 1410, Sage 1430, Sage 1450, Sage 2400 y Sage 3030M RTUs con firmware anterior a C3414-500-S02J2, permiten a atacantes remotos obtener información sensible de memoria del dispositivo leyendo un campo de relleno de un paquete Ethernet. • https://ics-cert.us-cert.gov/advisories/ICSA-16-070-01 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •