CVE-2016-8354
https://notcve.org/view.php?id=CVE-2016-8354
An issue was discovered in Schneider Electric Unity PRO prior to V11.1. Unity projects can be compiled as x86 instructions and loaded onto the PLC Simulator delivered with Unity PRO. These x86 instructions are subsequently executed directly by the simulator. A specially crafted patched Unity project file can make the simulator execute malicious code by redirecting the control flow of these instructions. Ha sido descubierto un problema en Schneider Electric Unity PRO en versiones anteriores a V11.1. • http://www.securityfocus.com/bid/93830 https://ics-cert.us-cert.gov/advisories/ICSA-16-306-03 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2013-0662 – SEIG Modbus 3.4 - Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2013-0662
Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through 3.2 allow remote attackers to execute arbitrary code via a large buffer-size value in a Modbus Application Header. Múltiples desbordamientos de buffer basado en pila en ModbusDrv.exe en Schneider Electric Modbus Serial Driver 1.10 hasta 3.2 permiten a atacantes remotos ejecutar código arbitrario a través de un valor de tamaño de buffer grande en Modbus Application Header. SEIG Modbus version 3.4 suffers from a remote code execution vulnerability. • https://www.exploit-db.com/exploits/45219 https://www.exploit-db.com/exploits/45220 http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202013-070-01 http://ics-cert.us-cert.gov/advisories/ICSA-14-086-01 http://www.securityfocus.com/bid/66500 • CWE-787: Out-of-bounds Write •
CVE-2011-3330
https://notcve.org/view.php?id=CVE-2011-3330
Buffer overflow in the UnitelWay Windows Device Driver, as used in Schneider Electric Unity Pro 6 and earlier, OPC Factory Server 3.34, Vijeo Citect 7.20 and earlier, Telemecanique Driver Pack 2.6 and earlier, Monitor Pro 7.6 and earlier, and PL7 Pro 4.5 and earlier, allows local users, and possibly remote attackers, to execute arbitrary code via an unspecified system parameter. Un desbordamiento de búfer en el controlador de dispositivo UNITELWAY Windows, tal y como se utiliza en Schneider Electric Unity Pro v6 y versiones anteriores, en el servidor OPC Factory v3.34, en Vijeo Citect v7.20 y anteriores, en Telemecanique Driver Pack v2.6 y anteriores, en Monitor Pro v7.6 y versiones anteriores, y en PL7 Pro v4.5 y versiones anteriores, permite ejecutar código de su elección a los usuarios locales y posiblemente a los atacantes remotos también, a través de un parámetro del sistema no especificado. • http://secunia.com/advisories/46534 http://www.scada.schneider-electric.com/sites/scada/en/login/vijeo-citect-unitelway-windows-device-driver.page http://www.securityfocus.com/bid/50319 http://www.securitytracker.com/id?1026234 http://www.us-cert.gov/control_systems/pdf/ICSA-11-277-01.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/70882 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •