CVE-2015-1014 in OFSinfo

Zusammenfassung

von MITRE

A successful exploit of these vulnerabilities requires the local user to load a crafted DLL file in the system directory on servers running Schneider Electric OFS v3.5 with version v7.40 of SCADA Expert Vijeo Citect/CitectSCADA, OFS v3.5 with version v7.30 of Vijeo Citect/CitectSCADA, and OFS v3.5 with version v7.20 of Vijeo Citect/CitectSCADA.. If the application attempts to open that file, the application could crash or allow the attacker to execute arbitrary code. Schneider Electric recommends vulnerable users upgrade the OFS to V3.5 and install the latest service pack (SP 6 or newer) for their associated version.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

10.01.2015

Moderieren

akzeptiert

Eintrag

VDB-132168

CPE

bereit

CWE

CWE-427 (bestätigt)

CVSS

7.3 (NVD)

EPSS

0.00057

KEV

nein

Aktivitäten

very low

Sektor

Agriculture, Energy, ...

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2015-1014
NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-1014
CVE Details	https://www.cvedetails.com/cve/CVE-2015-1014/

◂ Zurück Übersicht Weiter ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!