A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in denial of service, due to missing length check on user-supplied data from a constructed message received on the network. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21320 and prior)
References
Link | Resource |
---|---|
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-348-01 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2022-02-11 10:15
Updated : 2022-02-18 10:29
NVD link : CVE-2021-22824
Mitre link : CVE-2021-22824
JSON object : View
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Products Affected
schneider-electric
- interactive_graphical_scada_system_data_collector