exploitDog

CVE-2015-3977

Опубликовано: 15 нояб. 2015

Источник: nvd

CVSS2: 7.7

EPSS Низкий

Описание

Buffer overflow in Schneider Electric IMT25 Magnetic Flow DTM before 1.500.004 for the HART Protocol allows remote authenticated users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HART reply.

Ссылки

http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-215-01
Vendor Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-15-223-01
Third Party Advisory
US Government Resource
http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-215-01
Vendor Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-15-223-01
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:schneider-electric:imt25_magnetic_flow_dtm:*:*:*:*:*:*:*:*

Версия до 1.500.000 (включая)

EPSS

Процентиль: 32%

0.00127

Низкий

7.7 High

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-2pwf-vfjj-694r

github

больше 3 лет назад

Buffer overflow in Schneider Electric IMT25 Magnetic Flow DTM before 1.500.004 for the HART Protocol allows remote authenticated users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HART reply.

EPSS

Процентиль: 32%

0.00127

Низкий

7.7 High

CVSS2

Дефекты

CWE-119