CVE-2020-7527
https://notcve.org/view.php?id=CVE-2020-7527
Incorrect Default Permission vulnerability exists in SoMove (V2.8.1) and prior which could cause elevation of privilege and provide full access control to local system users to SoMove component and services when a SoMove installer script is launched. Se presenta una vulnerabilidad de Permiso Predeterminado Incorrecto en SoMove (versiones V2.8.1) y anteriores, que podría causar una elevación de privilegios y proporcionar un control de acceso total a usuarios del sistema local para el componente y servicios de SoMove cuando es iniciado un script de instalación de SoMove • https://www.se.com/ww/en/download/document/SEVD-2020-224-07 • CWE-276: Incorrect Default Permissions •
CVE-2018-7239
https://notcve.org/view.php?id=CVE-2018-7239
A DLL hijacking vulnerability exists in Schneider Electric's SoMove Software and associated DTM software components in all versions prior to 2.6.2 which could allow an attacker to execute arbitrary code. Existe una vulnerabilidad de secuestro de DLL en SoMove Software de Schneider Electric y en los componentes de software DTM asociados, en todas las versiones anteriores a la 2.6.2. Esto podría permitir que un atacante ejecute código arbitrario. • http://www.securityfocus.com/bid/103338 https://ics-cert.us-cert.gov/advisories/ICSA-18-065-02 https://www.schneider-electric.com/en/download/document/SEVD-2018-060-01 • CWE-426: Untrusted Search Path •
CVE-2014-9200 – Schneider Electric SoMove Lite IsObjectModel RemoveParameter Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-9200
Stack-based buffer overflow in an unspecified DLL file in a DTM development kit in Schneider Electric Unity Pro, SoMachine, SoMove, SoMove Lite, Modbus Communication Library 2.2.6 and earlier, CANopen Communication Library 1.0.2 and earlier, EtherNet/IP Communication Library 1.0.0 and earlier, EM X80 Gateway DTM (MB TCP/SL), Advantys DTM for OTB, Advantys DTM for STB, KINOS DTM, SOLO DTM, and Xantrex DTMs allows remote attackers to execute arbitrary code via unspecified vectors. Desbordamiento de buffer basado en pila en un fichero DLL no especificado en un juego de desarrollo DTM en Schneider Electric Unity Pro, SoMachine, SoMove, SoMove Lite, Modbus Communication Library 2.2.6 y anteriores, CANopen Communication Library 1.0.2 y anteriores, EtherNet/IP Communication Library 1.0.0 y anteriores, EM X80 Gateway DTM (MB TCP/SL), Advantys DTM for OTB, Advantys DTM for STB, KINOS DTM, SOLO DTM, y Xantrex DTMs permite a atacantes remotos ejecutar código arbitrario a través de vectores no especificados. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Schneider Electric SoMove Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the IsObjectModel.ModelObject.1 ActiveX control in isObjectModel.dll. The control does not check the length of an attacker-supplied string in the RemoveParameter method before copying it into a fixed length buffer on the stack. • http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-009-01 http://www.securityfocus.com/bid/72335 https://ics-cert.us-cert.gov/advisories/ICSA-15-027-02 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2013-0662 – SEIG Modbus 3.4 - Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2013-0662
Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through 3.2 allow remote attackers to execute arbitrary code via a large buffer-size value in a Modbus Application Header. Múltiples desbordamientos de buffer basado en pila en ModbusDrv.exe en Schneider Electric Modbus Serial Driver 1.10 hasta 3.2 permiten a atacantes remotos ejecutar código arbitrario a través de un valor de tamaño de buffer grande en Modbus Application Header. SEIG Modbus version 3.4 suffers from a remote code execution vulnerability. • https://www.exploit-db.com/exploits/45219 https://www.exploit-db.com/exploits/45220 http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202013-070-01 http://ics-cert.us-cert.gov/advisories/ICSA-14-086-01 http://www.securityfocus.com/bid/66500 • CWE-787: Out-of-bounds Write •