Schneider Electric Easergy T300 RTU up to 2.7.1 pppd buffer overflow

A vulnerability, which was classified as critical, was found in Schneider Electric Easergy T300 RTU up to 2.7.1 (SCADA Software). Affected is some unknown processing of the component pppd. Upgrading to version 2.8 eliminates this vulnerability. Applying a patch is able to eliminate this problem. The bugfix is ready for download at github.com. The best possible mitigation is suggested to be upgrading to the latest version.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

139
023

Field

vulnerability_cvss3_meta_tempscore2
vulnerability_cvss3_meta_basescore2
vulnerability_cvss3_nvd_basescore1
vulnerability_cvss2_nvd_basescore1
vulnerability_cvss2_nvd_ai1

Commit Conf

90%34
70%18
50%10

Approve Conf

90%34
70%18
80%10
IDCommitedUserFieldChangeRemarksAcceptedReasonC
1205013701/15/2022VulD...cvss3_nvd_basescore9.8nist.gov01/15/2022accepted
90
1205013601/15/2022VulD...cvss2_nvd_basescore7.5nist.gov01/15/2022accepted
90
1205013501/15/2022VulD...cvss3_meta_tempscore8.5see CVSS documentation01/15/2022accepted
90
1205013401/15/2022VulD...cvss3_meta_basescore8.6see CVSS documentation01/15/2022accepted
90
1205013301/15/2022VulD...cvss2_nvd_aiPnvd.nist.gov01/15/2022accepted
70
1205013201/15/2022VulD...cvss2_nvd_iiPnvd.nist.gov01/15/2022accepted
70
1205013101/15/2022VulD...cvss2_nvd_ciPnvd.nist.gov01/15/2022accepted
70
1205013001/15/2022VulD...cvss2_nvd_auNnvd.nist.gov01/15/2022accepted
70
1205012901/15/2022VulD...cvss2_nvd_acLnvd.nist.gov01/15/2022accepted
70
1205012801/15/2022VulD...cvss2_nvd_avNnvd.nist.gov01/15/2022accepted
70
1205012701/15/2022VulD...cvss3_nvd_aHnvd.nist.gov01/15/2022accepted
70
1205012601/15/2022VulD...cvss3_nvd_iHnvd.nist.gov01/15/2022accepted
70
1205012501/15/2022VulD...cvss3_nvd_cHnvd.nist.gov01/15/2022accepted
70
1205012401/15/2022VulD...cvss3_nvd_sUnvd.nist.gov01/15/2022accepted
70
1205012301/15/2022VulD...cvss3_nvd_uiNnvd.nist.gov01/15/2022accepted
70
1205012201/15/2022VulD...cvss3_nvd_prNnvd.nist.gov01/15/2022accepted
70
1205012101/15/2022VulD...cvss3_nvd_acLnvd.nist.gov01/15/2022accepted
70
1205012001/15/2022VulD...cvss3_nvd_avNnvd.nist.gov01/15/2022accepted
70
1205011901/15/2022VulD...cve_nvd_summaryeap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions.cve.mitre.org01/15/2022accepted
70
1205011801/15/2022VulD...cve_assigned1580684400cve.mitre.org01/15/2022accepted
70

42 more entries are not shown

Do you want to use VulDB in your project?

Use the official API to access entries easily!