CVE-2014-9200

Опубликовано: 01 фев. 2015

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Stack-based buffer overflow in an unspecified DLL file in a DTM development kit in Schneider Electric Unity Pro, SoMachine, SoMove, SoMove Lite, Modbus Communication Library 2.2.6 and earlier, CANopen Communication Library 1.0.2 and earlier, EtherNet/IP Communication Library 1.0.0 and earlier, EM X80 Gateway DTM (MB TCP/SL), Advantys DTM for OTB, Advantys DTM for STB, KINOS DTM, SOLO DTM, and Xantrex DTMs allows remote attackers to execute arbitrary code via unspecified vectors.

Ссылки

http://www.securityfocus.com/bid/72335
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-009-01
https://www.cisa.gov/news-events/ics-advisories/icsa-15-027-02
http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-009-01
Vendor Advisory
http://www.securityfocus.com/bid/72335
https://ics-cert.us-cert.gov/advisories/ICSA-15-027-02
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:schneider-electric:somachine:-:*:*:*:*:*:*:*

cpe:2.3:a:schneider-electric:somove:-:*:*:*:*:*:*:*

cpe:2.3:a:schneider-electric:somove_lite:-:*:*:*:*:*:*:*

cpe:2.3:a:schneider-electric:unity_pro:-:*:*:*:*:*:*:*

EPSS

Процентиль: 84%

0.02192

Низкий

7.5 High

CVSS2

7.5 High

CVSS2

Дефекты

CWE-121

CWE-119

Связанные уязвимости

GHSA-2gx2-9hj7-p6pc

github

больше 3 лет назад

EPSS

Процентиль: 84%

0.02192

Низкий

7.5 High

CVSS2

7.5 High

CVSS2

Дефекты

CWE-121

CWE-119