Описание
Stack-based buffer overflow in the C++ sample client in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 - 3.35, TLXCDSTOFS33 - 3.35, TLXCDLUOFS33 - 3.35, TLXCDLTOFS33 - 3.35, and TLXCDLFOFS33 - 3.35 allows local users to gain privileges via vectors involving a malformed configuration file.
Ссылки
- Vendor Advisory
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:schneider-electric:ofs_test_client_tlxcdlfofs33:3.35:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ofs_test_client_tlxcdltofs33:3.35:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ofs_test_client_tlxcdluofs33:3.35:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ofs_test_client_tlxcdstofs33:3.35:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ofs_test_client_tlxcdsuofs33:3.35:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:opc_factory_server:3.35:*:*:*:*:*:*:*
EPSS
Процентиль: 20%
0.00063
Низкий
6.8 Medium
CVSS2
6.9 Medium
CVSS2
Дефекты
CWE-121
CWE-119
Связанные уязвимости
github
больше 3 лет назад
Stack-based buffer overflow in the C++ sample client in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 - 3.35, TLXCDSTOFS33 - 3.35, TLXCDLUOFS33 - 3.35, TLXCDLTOFS33 - 3.35, and TLXCDLFOFS33 - 3.35 allows local users to gain privileges via vectors involving a malformed configuration file.
EPSS
Процентиль: 20%
0.00063
Низкий
6.8 Medium
CVSS2
6.9 Medium
CVSS2
Дефекты
CWE-121
CWE-119