Описание
A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Modicon M258 Firmware (All versions prior to V5.0.4.11) and SoMachine/SoMachine Motion software (All versions), that could cause a buffer overflow when the length of a file transferred to the webserver is not verified.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.0.4.11 (исключая)
Одновременно
cpe:2.3:o:schneider-electric:modicon_m258_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:modicon_m258:-:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:a:schneider-electric:somachine:*:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:somachine_motion:*:*:*:*:*:*:*:*
EPSS
Процентиль: 51%
0.00276
Низкий
6.8 Medium
CVSS3
5.2 Medium
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
больше 3 лет назад
A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Modicon M258 Firmware (All versions prior to V5.0.4.11) and SoMachine/SoMachine Motion software (All versions), that could cause a buffer overflow when the length of a file transferred to the webserver is not verified.
EPSS
Процентиль: 51%
0.00276
Низкий
6.8 Medium
CVSS3
5.2 Medium
CVSS2
Дефекты
CWE-119