Filtered by vendor Schneider-electric
Subscribe
Filtered by product Interactive Graphical Scada System Data Server
Subscribe
Total
8 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-24317 | 1 Schneider-electric | 1 Interactive Graphical Scada System Data Server | 2022-02-16 | 5.0 MEDIUM | 7.5 HIGH |
A CWE-862: Missing Authorization vulnerability exists that could cause information exposure when an attacker sends a specific message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior) | |||||
CVE-2022-24313 | 1 Schneider-electric | 1 Interactive Graphical Scada System Data Server | 2022-02-16 | 7.5 HIGH | 9.8 CRITICAL |
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior) | |||||
CVE-2022-24312 | 1 Schneider-electric | 1 Interactive Graphical Scada System Data Server | 2022-02-16 | 7.5 HIGH | 9.8 CRITICAL |
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause modification of an existing file by adding at end of file or create a new file in the context of the Data Server potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior) | |||||
CVE-2022-24311 | 1 Schneider-electric | 1 Interactive Graphical Scada System Data Server | 2022-02-16 | 7.5 HIGH | 9.8 CRITICAL |
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause modification of an existing file by inserting at beginning of file or create a new file in the context of the Data Server potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior) | |||||
CVE-2022-24310 | 1 Schneider-electric | 1 Interactive Graphical Scada System Data Server | 2022-02-16 | 7.5 HIGH | 9.8 CRITICAL |
A CWE-190: Integer Overflow or Wraparound vulnerability exists that could cause heap-based buffer overflow, leading to denial of service and potentially remote code execution when an attacker sends multiple specially crafted messages. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior) | |||||
CVE-2022-24316 | 1 Schneider-electric | 1 Interactive Graphical Scada System Data Server | 2022-02-15 | 5.0 MEDIUM | 7.5 HIGH |
A CWE-665: Improper Initialization vulnerability exists that could cause information exposure when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior) | |||||
CVE-2022-24315 | 1 Schneider-electric | 1 Interactive Graphical Scada System Data Server | 2022-02-15 | 5.0 MEDIUM | 7.5 HIGH |
A CWE-125: Out-of-bounds Read vulnerability exists that could cause denial of service when an attacker repeatedly sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior) | |||||
CVE-2022-24314 | 1 Schneider-electric | 1 Interactive Graphical Scada System Data Server | 2022-02-15 | 5.0 MEDIUM | 7.5 HIGH |
A CWE-125: Out-of-bounds Read vulnerability exists that could cause memory leaks potentially resulting in denial of service when an attacker repeatedly sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior) |