Search criteria
10 vulnerabilities found for opc_factory_server by schneider-electric
CVE-2023-2161 (GCVE-0-2023-2161)
Vulnerability from nvd – Published: 2023-05-16 04:31 – Updated: 2025-01-22 21:45
VLAI?
Summary
A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that
could cause unauthorized read access to the file system when a malicious configuration file is
loaded on to the software by a local user.
Severity ?
5 (Medium)
CWE
- CWE-611 - Improper Restriction of XML External Entity Reference
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Schneider Electric | OPC Factory Server (OFS) |
Affected:
Versions prior to V3.63SP2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:12:20.577Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-129-01\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2023-129-01.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-2161",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-22T21:45:03.652513Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-22T21:45:06.905Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "OPC Factory Server (OFS)",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions prior to V3.63SP2"
}
]
}
],
"datePublic": "2023-05-09T04:24:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nA CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that\ncould cause unauthorized read access to the file system when a malicious configuration file is\nloaded on to the software by a local user.\u0026nbsp;"
}
],
"value": "\nA CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that\ncould cause unauthorized read access to the file system when a malicious configuration file is\nloaded on to the software by a local user.\u00a0"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611 Improper Restriction of XML External Entity Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-16T04:31:26.482Z",
"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"shortName": "schneider"
},
"references": [
{
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-129-01\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2023-129-01.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"assignerShortName": "schneider",
"cveId": "CVE-2023-2161",
"datePublished": "2023-05-16T04:31:26.482Z",
"dateReserved": "2023-04-18T15:35:46.157Z",
"dateUpdated": "2025-01-22T21:45:06.905Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-1014 (GCVE-0-2015-1014)
Vulnerability from nvd – Published: 2019-03-25 18:07 – Updated: 2024-08-06 04:33
VLAI?
Summary
A successful exploit of these vulnerabilities requires the local user to load a crafted DLL file in the system directory on servers running Schneider Electric OFS v3.5 with version v7.40 of SCADA Expert Vijeo Citect/CitectSCADA, OFS v3.5 with version v7.30 of Vijeo Citect/CitectSCADA, and OFS v3.5 with version v7.20 of Vijeo Citect/CitectSCADA.. If the application attempts to open that file, the application could crash or allow the attacker to execute arbitrary code. Schneider Electric recommends vulnerable users upgrade the OFS to V3.5 and install the latest service pack (SP 6 or newer) for their associated version.
Severity ?
No CVSS data available.
CWE
- CWE-427 - DLL hijacking CWE-427
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Schneider Electric | OFS v3.5 |
Affected:
< v7.40 of SCADA Expert Vijeo Citect/CitectSCADA
Affected: < v7.30 of Vijeo Citect/CitectSCADA Affected: < v7.20 of Vijeo Citect/CitectSCADA. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:33:19.231Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-141-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "OFS v3.5",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "\u003c v7.40 of SCADA Expert Vijeo Citect/CitectSCADA"
},
{
"status": "affected",
"version": "\u003c v7.30 of Vijeo Citect/CitectSCADA"
},
{
"status": "affected",
"version": "\u003c v7.20 of Vijeo Citect/CitectSCADA."
}
]
}
],
"datePublic": "2015-05-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A successful exploit of these vulnerabilities requires the local user to load a crafted DLL file in the system directory on servers running Schneider Electric OFS v3.5 with version v7.40 of SCADA Expert Vijeo Citect/CitectSCADA, OFS v3.5 with version v7.30 of Vijeo Citect/CitectSCADA, and OFS v3.5 with version v7.20 of Vijeo Citect/CitectSCADA.. If the application attempts to open that file, the application could crash or allow the attacker to execute arbitrary code. Schneider Electric recommends vulnerable users upgrade the OFS to V3.5 and install the latest service pack (SP 6 or newer) for their associated version."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "DLL hijacking CWE-427",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-25T18:07:36",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-141-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2015-1014",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OFS v3.5",
"version": {
"version_data": [
{
"version_value": "\u003c v7.40 of SCADA Expert Vijeo Citect/CitectSCADA"
},
{
"version_value": "\u003c v7.30 of Vijeo Citect/CitectSCADA"
},
{
"version_value": "\u003c v7.20 of Vijeo Citect/CitectSCADA."
}
]
}
}
]
},
"vendor_name": "Schneider Electric"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A successful exploit of these vulnerabilities requires the local user to load a crafted DLL file in the system directory on servers running Schneider Electric OFS v3.5 with version v7.40 of SCADA Expert Vijeo Citect/CitectSCADA, OFS v3.5 with version v7.30 of Vijeo Citect/CitectSCADA, and OFS v3.5 with version v7.20 of Vijeo Citect/CitectSCADA.. If the application attempts to open that file, the application could crash or allow the attacker to execute arbitrary code. Schneider Electric recommends vulnerable users upgrade the OFS to V3.5 and install the latest service pack (SP 6 or newer) for their associated version."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DLL hijacking CWE-427"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-141-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-141-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2015-1014",
"datePublished": "2019-03-25T18:07:36",
"dateReserved": "2015-01-10T00:00:00",
"dateUpdated": "2024-08-06T04:33:19.231Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-0662 (GCVE-0-2013-0662)
Vulnerability from nvd – Published: 2014-03-28 19:00 – Updated: 2024-08-06 14:33
VLAI?
Summary
Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through 3.2 allow remote attackers to execute arbitrary code via a large buffer-size value in a Modbus Application Header.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:33:05.415Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202013-070-01"
},
{
"name": "45219",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45219/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-086-01"
},
{
"name": "66500",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/66500"
},
{
"name": "45220",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45220/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-03-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through 3.2 allow remote attackers to execute arbitrary code via a large buffer-size value in a Modbus Application Header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-22T09:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202013-070-01"
},
{
"name": "45219",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45219/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-086-01"
},
{
"name": "66500",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/66500"
},
{
"name": "45220",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45220/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2013-0662",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through 3.2 allow remote attackers to execute arbitrary code via a large buffer-size value in a Modbus Application Header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202013-070-01",
"refsource": "CONFIRM",
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202013-070-01"
},
{
"name": "45219",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45219/"
},
{
"name": "http://ics-cert.us-cert.gov/advisories/ICSA-14-086-01",
"refsource": "MISC",
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-086-01"
},
{
"name": "66500",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66500"
},
{
"name": "45220",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45220/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2013-0662",
"datePublished": "2014-03-28T19:00:00",
"dateReserved": "2012-12-19T00:00:00",
"dateUpdated": "2024-08-06T14:33:05.415Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-0774 (GCVE-0-2014-0774)
Vulnerability from nvd – Published: 2014-02-28 02:00 – Updated: 2025-09-24 21:10
VLAI?
Title
Schneider Electric OFS Stack Buffer Overflow
Summary
Stack-based buffer overflow in the C++ sample client in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 - 3.35, TLXCDSTOFS33 - 3.35, TLXCDLUOFS33 - 3.35, TLXCDLTOFS33 - 3.35, and TLXCDLFOFS33 - 3.35 allows local users to gain privileges via vectors involving a malformed configuration file.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Schneider Electric | TLXCDSUOFS33 |
Affected:
V3.35
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
Credits
Schneider Electric
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:27:19.467Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-058-02"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-031-01"
},
{
"name": "65871",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/65871"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "TLXCDSUOFS33",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "V3.35"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TLXCDSTOFS33",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "V3.35"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TLXCDLUOFS33",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "V3.35"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TLXCDLTOFS33",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "V3.35"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TLXCDLFOFS33",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "V3.35"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Schneider Electric"
}
],
"datePublic": "2014-02-27T07:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eStack-based buffer overflow in the C++ sample client in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 - 3.35, TLXCDSTOFS33 - 3.35, TLXCDLUOFS33 - 3.35, TLXCDLTOFS33 - 3.35, and TLXCDLFOFS33 - 3.35 allows local users to gain privileges via vectors involving a malformed configuration file.\u003c/p\u003e"
}
],
"value": "Stack-based buffer overflow in the C++ sample client in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 - 3.35, TLXCDSTOFS33 - 3.35, TLXCDLUOFS33 - 3.35, TLXCDLTOFS33 - 3.35, and TLXCDLFOFS33 - 3.35 allows local users to gain privileges via vectors involving a malformed configuration file."
}
],
"metrics": [
{
"cvssV2_0": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-24T21:10:10.144Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-058-02"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-031-01"
},
{
"name": "65871",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/65871"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSchneider Electric has a product upgrade as well as a workaround \nsolution \nthat mitigates this \nvulnerability.\u0026nbsp;\u003c/p\u003e\u003cp\u003eSchneider Electric Security Notification SEVD \n2014-031-01,\u201dVulnerability Disclosure \u2013 OPC Factory Server V3.35,\u201d \n\u003ca target=\"_blank\" rel=\"nofollow\" href=\"http://www.downloads.schneider-electric.com/?p_Conf=\u0026amp;p_localesFilter=\u0026amp;p_docTypeFilter=1555899,\u0026amp;p_docTypeGroupFilter=3541958\"\u003ehttp://www.downloads.schneider-electric.com/?p_Conf=\u0026amp;p_localesFilter=\u0026amp;p_docTypeFilter=155589...\u003c/a\u003e\u0026nbsp; \u0026nbsp;\u003c/p\u003e\n\u003cdiv\u003e\n\u003cp\u003eThe security announcements affecting the OPC Factory Server are available here:\u003c/p\u003e\n\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"http://www2.schneider-electric.com/sites/corporate/en/support/cybersecurity/cybersecurity.page\"\u003ehttp://www2.schneider-electric.com/sites/corporate/en/support/cybersecurity/cybersecurity.page\u003c/a\u003e\u003c/p\u003e\u003c/div\u003eSchneider\n Electric recommends customers to upgrade to OFS v3.4 or later (Version \nv3.5 is currently available). Customers that cannot upgrade are directed\n to remove the demonstration client from affected computers, provided it\n is not required for operations.\n\n\u003cbr\u003e"
}
],
"value": "Schneider Electric has a product upgrade as well as a workaround \nsolution \nthat mitigates this \nvulnerability.\u00a0\n\nSchneider Electric Security Notification SEVD \n2014-031-01,\u201dVulnerability Disclosure \u2013 OPC Factory Server V3.35,\u201d \n http://www.downloads.schneider-electric.com/?p_Conf=\u0026p_localesFilter=\u0026p_docTypeFilter=155589... http://www.downloads.schneider-electric.com/ \u00a0 \u00a0\n\n\n\nThe security announcements affecting the OPC Factory Server are available here:\n\n\n http://www2.schneider-electric.com/sites/corporate/en/support/cybersecurity/cybersecurity.page \n\n\n\nSchneider\n Electric recommends customers to upgrade to OFS v3.4 or later (Version \nv3.5 is currently available). Customers that cannot upgrade are directed\n to remove the demonstration client from affected computers, provided it\n is not required for operations."
}
],
"source": {
"advisory": "ICSA-14-058-02",
"discovery": "INTERNAL"
},
"title": "Schneider Electric OFS Stack Buffer Overflow",
"x_generator": {
"engine": "Vulnogram 0.2.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2014-0774",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the C++ sample client in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 - 3.35, TLXCDSTOFS33 - 3.35, TLXCDLUOFS33 - 3.35, TLXCDLTOFS33 - 3.35, and TLXCDLFOFS33 - 3.35 allows local users to gain privileges via vectors involving a malformed configuration file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://ics-cert.us-cert.gov/advisories/ICSA-14-058-02",
"refsource": "MISC",
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-058-02"
},
{
"name": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-031-01",
"refsource": "CONFIRM",
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-031-01"
},
{
"name": "65871",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65871"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2014-0774",
"datePublished": "2014-02-28T02:00:00",
"dateReserved": "2014-01-02T00:00:00",
"dateUpdated": "2025-09-24T21:10:10.144Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-3330 (GCVE-0-2011-3330)
Vulnerability from nvd – Published: 2011-11-04 21:00 – Updated: 2024-08-06 23:29
VLAI?
Summary
Buffer overflow in the UnitelWay Windows Device Driver, as used in Schneider Electric Unity Pro 6 and earlier, OPC Factory Server 3.34, Vijeo Citect 7.20 and earlier, Telemecanique Driver Pack 2.6 and earlier, Monitor Pro 7.6 and earlier, and PL7 Pro 4.5 and earlier, allows local users, and possibly remote attackers, to execute arbitrary code via an unspecified system parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:29:56.772Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "schneider-unitelway-bo(70882)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70882"
},
{
"name": "50319",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/50319"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-277-01.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.scada.schneider-electric.com/sites/scada/en/login/vijeo-citect-unitelway-windows-device-driver.page"
},
{
"name": "46534",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46534"
},
{
"name": "1026234",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026234"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-10-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the UnitelWay Windows Device Driver, as used in Schneider Electric Unity Pro 6 and earlier, OPC Factory Server 3.34, Vijeo Citect 7.20 and earlier, Telemecanique Driver Pack 2.6 and earlier, Monitor Pro 7.6 and earlier, and PL7 Pro 4.5 and earlier, allows local users, and possibly remote attackers, to execute arbitrary code via an unspecified system parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "schneider-unitelway-bo(70882)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70882"
},
{
"name": "50319",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/50319"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-277-01.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.scada.schneider-electric.com/sites/scada/en/login/vijeo-citect-unitelway-windows-device-driver.page"
},
{
"name": "46534",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46534"
},
{
"name": "1026234",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026234"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2011-3330",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the UnitelWay Windows Device Driver, as used in Schneider Electric Unity Pro 6 and earlier, OPC Factory Server 3.34, Vijeo Citect 7.20 and earlier, Telemecanique Driver Pack 2.6 and earlier, Monitor Pro 7.6 and earlier, and PL7 Pro 4.5 and earlier, allows local users, and possibly remote attackers, to execute arbitrary code via an unspecified system parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "schneider-unitelway-bo(70882)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70882"
},
{
"name": "50319",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/50319"
},
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-277-01.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-277-01.pdf"
},
{
"name": "http://www.scada.schneider-electric.com/sites/scada/en/login/vijeo-citect-unitelway-windows-device-driver.page",
"refsource": "CONFIRM",
"url": "http://www.scada.schneider-electric.com/sites/scada/en/login/vijeo-citect-unitelway-windows-device-driver.page"
},
{
"name": "46534",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46534"
},
{
"name": "1026234",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026234"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2011-3330",
"datePublished": "2011-11-04T21:00:00",
"dateReserved": "2011-08-29T00:00:00",
"dateUpdated": "2024-08-06T23:29:56.772Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-2161 (GCVE-0-2023-2161)
Vulnerability from cvelistv5 – Published: 2023-05-16 04:31 – Updated: 2025-01-22 21:45
VLAI?
Summary
A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that
could cause unauthorized read access to the file system when a malicious configuration file is
loaded on to the software by a local user.
Severity ?
5 (Medium)
CWE
- CWE-611 - Improper Restriction of XML External Entity Reference
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Schneider Electric | OPC Factory Server (OFS) |
Affected:
Versions prior to V3.63SP2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:12:20.577Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-129-01\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2023-129-01.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-2161",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-22T21:45:03.652513Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-22T21:45:06.905Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "OPC Factory Server (OFS)",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions prior to V3.63SP2"
}
]
}
],
"datePublic": "2023-05-09T04:24:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nA CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that\ncould cause unauthorized read access to the file system when a malicious configuration file is\nloaded on to the software by a local user.\u0026nbsp;"
}
],
"value": "\nA CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that\ncould cause unauthorized read access to the file system when a malicious configuration file is\nloaded on to the software by a local user.\u00a0"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611 Improper Restriction of XML External Entity Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-16T04:31:26.482Z",
"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"shortName": "schneider"
},
"references": [
{
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-129-01\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2023-129-01.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"assignerShortName": "schneider",
"cveId": "CVE-2023-2161",
"datePublished": "2023-05-16T04:31:26.482Z",
"dateReserved": "2023-04-18T15:35:46.157Z",
"dateUpdated": "2025-01-22T21:45:06.905Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-1014 (GCVE-0-2015-1014)
Vulnerability from cvelistv5 – Published: 2019-03-25 18:07 – Updated: 2024-08-06 04:33
VLAI?
Summary
A successful exploit of these vulnerabilities requires the local user to load a crafted DLL file in the system directory on servers running Schneider Electric OFS v3.5 with version v7.40 of SCADA Expert Vijeo Citect/CitectSCADA, OFS v3.5 with version v7.30 of Vijeo Citect/CitectSCADA, and OFS v3.5 with version v7.20 of Vijeo Citect/CitectSCADA.. If the application attempts to open that file, the application could crash or allow the attacker to execute arbitrary code. Schneider Electric recommends vulnerable users upgrade the OFS to V3.5 and install the latest service pack (SP 6 or newer) for their associated version.
Severity ?
No CVSS data available.
CWE
- CWE-427 - DLL hijacking CWE-427
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Schneider Electric | OFS v3.5 |
Affected:
< v7.40 of SCADA Expert Vijeo Citect/CitectSCADA
Affected: < v7.30 of Vijeo Citect/CitectSCADA Affected: < v7.20 of Vijeo Citect/CitectSCADA. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:33:19.231Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-141-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "OFS v3.5",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "\u003c v7.40 of SCADA Expert Vijeo Citect/CitectSCADA"
},
{
"status": "affected",
"version": "\u003c v7.30 of Vijeo Citect/CitectSCADA"
},
{
"status": "affected",
"version": "\u003c v7.20 of Vijeo Citect/CitectSCADA."
}
]
}
],
"datePublic": "2015-05-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A successful exploit of these vulnerabilities requires the local user to load a crafted DLL file in the system directory on servers running Schneider Electric OFS v3.5 with version v7.40 of SCADA Expert Vijeo Citect/CitectSCADA, OFS v3.5 with version v7.30 of Vijeo Citect/CitectSCADA, and OFS v3.5 with version v7.20 of Vijeo Citect/CitectSCADA.. If the application attempts to open that file, the application could crash or allow the attacker to execute arbitrary code. Schneider Electric recommends vulnerable users upgrade the OFS to V3.5 and install the latest service pack (SP 6 or newer) for their associated version."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "DLL hijacking CWE-427",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-25T18:07:36",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-141-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2015-1014",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OFS v3.5",
"version": {
"version_data": [
{
"version_value": "\u003c v7.40 of SCADA Expert Vijeo Citect/CitectSCADA"
},
{
"version_value": "\u003c v7.30 of Vijeo Citect/CitectSCADA"
},
{
"version_value": "\u003c v7.20 of Vijeo Citect/CitectSCADA."
}
]
}
}
]
},
"vendor_name": "Schneider Electric"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A successful exploit of these vulnerabilities requires the local user to load a crafted DLL file in the system directory on servers running Schneider Electric OFS v3.5 with version v7.40 of SCADA Expert Vijeo Citect/CitectSCADA, OFS v3.5 with version v7.30 of Vijeo Citect/CitectSCADA, and OFS v3.5 with version v7.20 of Vijeo Citect/CitectSCADA.. If the application attempts to open that file, the application could crash or allow the attacker to execute arbitrary code. Schneider Electric recommends vulnerable users upgrade the OFS to V3.5 and install the latest service pack (SP 6 or newer) for their associated version."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DLL hijacking CWE-427"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-141-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-141-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2015-1014",
"datePublished": "2019-03-25T18:07:36",
"dateReserved": "2015-01-10T00:00:00",
"dateUpdated": "2024-08-06T04:33:19.231Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-0662 (GCVE-0-2013-0662)
Vulnerability from cvelistv5 – Published: 2014-03-28 19:00 – Updated: 2024-08-06 14:33
VLAI?
Summary
Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through 3.2 allow remote attackers to execute arbitrary code via a large buffer-size value in a Modbus Application Header.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:33:05.415Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202013-070-01"
},
{
"name": "45219",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45219/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-086-01"
},
{
"name": "66500",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/66500"
},
{
"name": "45220",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45220/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-03-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through 3.2 allow remote attackers to execute arbitrary code via a large buffer-size value in a Modbus Application Header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-22T09:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202013-070-01"
},
{
"name": "45219",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45219/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-086-01"
},
{
"name": "66500",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/66500"
},
{
"name": "45220",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45220/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2013-0662",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through 3.2 allow remote attackers to execute arbitrary code via a large buffer-size value in a Modbus Application Header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202013-070-01",
"refsource": "CONFIRM",
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202013-070-01"
},
{
"name": "45219",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45219/"
},
{
"name": "http://ics-cert.us-cert.gov/advisories/ICSA-14-086-01",
"refsource": "MISC",
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-086-01"
},
{
"name": "66500",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66500"
},
{
"name": "45220",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45220/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2013-0662",
"datePublished": "2014-03-28T19:00:00",
"dateReserved": "2012-12-19T00:00:00",
"dateUpdated": "2024-08-06T14:33:05.415Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-0774 (GCVE-0-2014-0774)
Vulnerability from cvelistv5 – Published: 2014-02-28 02:00 – Updated: 2025-09-24 21:10
VLAI?
Title
Schneider Electric OFS Stack Buffer Overflow
Summary
Stack-based buffer overflow in the C++ sample client in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 - 3.35, TLXCDSTOFS33 - 3.35, TLXCDLUOFS33 - 3.35, TLXCDLTOFS33 - 3.35, and TLXCDLFOFS33 - 3.35 allows local users to gain privileges via vectors involving a malformed configuration file.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Schneider Electric | TLXCDSUOFS33 |
Affected:
V3.35
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
Credits
Schneider Electric
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:27:19.467Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-058-02"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-031-01"
},
{
"name": "65871",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/65871"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "TLXCDSUOFS33",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "V3.35"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TLXCDSTOFS33",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "V3.35"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TLXCDLUOFS33",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "V3.35"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TLXCDLTOFS33",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "V3.35"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TLXCDLFOFS33",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "V3.35"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Schneider Electric"
}
],
"datePublic": "2014-02-27T07:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eStack-based buffer overflow in the C++ sample client in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 - 3.35, TLXCDSTOFS33 - 3.35, TLXCDLUOFS33 - 3.35, TLXCDLTOFS33 - 3.35, and TLXCDLFOFS33 - 3.35 allows local users to gain privileges via vectors involving a malformed configuration file.\u003c/p\u003e"
}
],
"value": "Stack-based buffer overflow in the C++ sample client in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 - 3.35, TLXCDSTOFS33 - 3.35, TLXCDLUOFS33 - 3.35, TLXCDLTOFS33 - 3.35, and TLXCDLFOFS33 - 3.35 allows local users to gain privileges via vectors involving a malformed configuration file."
}
],
"metrics": [
{
"cvssV2_0": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-24T21:10:10.144Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-058-02"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-031-01"
},
{
"name": "65871",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/65871"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSchneider Electric has a product upgrade as well as a workaround \nsolution \nthat mitigates this \nvulnerability.\u0026nbsp;\u003c/p\u003e\u003cp\u003eSchneider Electric Security Notification SEVD \n2014-031-01,\u201dVulnerability Disclosure \u2013 OPC Factory Server V3.35,\u201d \n\u003ca target=\"_blank\" rel=\"nofollow\" href=\"http://www.downloads.schneider-electric.com/?p_Conf=\u0026amp;p_localesFilter=\u0026amp;p_docTypeFilter=1555899,\u0026amp;p_docTypeGroupFilter=3541958\"\u003ehttp://www.downloads.schneider-electric.com/?p_Conf=\u0026amp;p_localesFilter=\u0026amp;p_docTypeFilter=155589...\u003c/a\u003e\u0026nbsp; \u0026nbsp;\u003c/p\u003e\n\u003cdiv\u003e\n\u003cp\u003eThe security announcements affecting the OPC Factory Server are available here:\u003c/p\u003e\n\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"http://www2.schneider-electric.com/sites/corporate/en/support/cybersecurity/cybersecurity.page\"\u003ehttp://www2.schneider-electric.com/sites/corporate/en/support/cybersecurity/cybersecurity.page\u003c/a\u003e\u003c/p\u003e\u003c/div\u003eSchneider\n Electric recommends customers to upgrade to OFS v3.4 or later (Version \nv3.5 is currently available). Customers that cannot upgrade are directed\n to remove the demonstration client from affected computers, provided it\n is not required for operations.\n\n\u003cbr\u003e"
}
],
"value": "Schneider Electric has a product upgrade as well as a workaround \nsolution \nthat mitigates this \nvulnerability.\u00a0\n\nSchneider Electric Security Notification SEVD \n2014-031-01,\u201dVulnerability Disclosure \u2013 OPC Factory Server V3.35,\u201d \n http://www.downloads.schneider-electric.com/?p_Conf=\u0026p_localesFilter=\u0026p_docTypeFilter=155589... http://www.downloads.schneider-electric.com/ \u00a0 \u00a0\n\n\n\nThe security announcements affecting the OPC Factory Server are available here:\n\n\n http://www2.schneider-electric.com/sites/corporate/en/support/cybersecurity/cybersecurity.page \n\n\n\nSchneider\n Electric recommends customers to upgrade to OFS v3.4 or later (Version \nv3.5 is currently available). Customers that cannot upgrade are directed\n to remove the demonstration client from affected computers, provided it\n is not required for operations."
}
],
"source": {
"advisory": "ICSA-14-058-02",
"discovery": "INTERNAL"
},
"title": "Schneider Electric OFS Stack Buffer Overflow",
"x_generator": {
"engine": "Vulnogram 0.2.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2014-0774",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the C++ sample client in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 - 3.35, TLXCDSTOFS33 - 3.35, TLXCDLUOFS33 - 3.35, TLXCDLTOFS33 - 3.35, and TLXCDLFOFS33 - 3.35 allows local users to gain privileges via vectors involving a malformed configuration file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://ics-cert.us-cert.gov/advisories/ICSA-14-058-02",
"refsource": "MISC",
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-058-02"
},
{
"name": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-031-01",
"refsource": "CONFIRM",
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-031-01"
},
{
"name": "65871",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65871"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2014-0774",
"datePublished": "2014-02-28T02:00:00",
"dateReserved": "2014-01-02T00:00:00",
"dateUpdated": "2025-09-24T21:10:10.144Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-3330 (GCVE-0-2011-3330)
Vulnerability from cvelistv5 – Published: 2011-11-04 21:00 – Updated: 2024-08-06 23:29
VLAI?
Summary
Buffer overflow in the UnitelWay Windows Device Driver, as used in Schneider Electric Unity Pro 6 and earlier, OPC Factory Server 3.34, Vijeo Citect 7.20 and earlier, Telemecanique Driver Pack 2.6 and earlier, Monitor Pro 7.6 and earlier, and PL7 Pro 4.5 and earlier, allows local users, and possibly remote attackers, to execute arbitrary code via an unspecified system parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:29:56.772Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "schneider-unitelway-bo(70882)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70882"
},
{
"name": "50319",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/50319"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-277-01.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.scada.schneider-electric.com/sites/scada/en/login/vijeo-citect-unitelway-windows-device-driver.page"
},
{
"name": "46534",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46534"
},
{
"name": "1026234",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026234"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-10-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the UnitelWay Windows Device Driver, as used in Schneider Electric Unity Pro 6 and earlier, OPC Factory Server 3.34, Vijeo Citect 7.20 and earlier, Telemecanique Driver Pack 2.6 and earlier, Monitor Pro 7.6 and earlier, and PL7 Pro 4.5 and earlier, allows local users, and possibly remote attackers, to execute arbitrary code via an unspecified system parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "schneider-unitelway-bo(70882)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70882"
},
{
"name": "50319",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/50319"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-277-01.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.scada.schneider-electric.com/sites/scada/en/login/vijeo-citect-unitelway-windows-device-driver.page"
},
{
"name": "46534",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46534"
},
{
"name": "1026234",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026234"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2011-3330",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the UnitelWay Windows Device Driver, as used in Schneider Electric Unity Pro 6 and earlier, OPC Factory Server 3.34, Vijeo Citect 7.20 and earlier, Telemecanique Driver Pack 2.6 and earlier, Monitor Pro 7.6 and earlier, and PL7 Pro 4.5 and earlier, allows local users, and possibly remote attackers, to execute arbitrary code via an unspecified system parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "schneider-unitelway-bo(70882)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70882"
},
{
"name": "50319",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/50319"
},
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-277-01.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-277-01.pdf"
},
{
"name": "http://www.scada.schneider-electric.com/sites/scada/en/login/vijeo-citect-unitelway-windows-device-driver.page",
"refsource": "CONFIRM",
"url": "http://www.scada.schneider-electric.com/sites/scada/en/login/vijeo-citect-unitelway-windows-device-driver.page"
},
{
"name": "46534",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46534"
},
{
"name": "1026234",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026234"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2011-3330",
"datePublished": "2011-11-04T21:00:00",
"dateReserved": "2011-08-29T00:00:00",
"dateUpdated": "2024-08-06T23:29:56.772Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}