9.3
CVE-2013-0662
- EPSS 57.66%
- Veröffentlicht 01.04.2014 06:17:08
- Zuletzt bearbeitet 12.04.2025 10:46:40
- Quelle ics-cert@hq.dhs.gov
- Teams Watchlist Login
- Unerledigt Login
Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through 3.2 allow remote attackers to execute arbitrary code via a large buffer-size value in a Modbus Application Header.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Schneider-electric ≫ Concept Updatesr7 Version <= 2.6
Schneider-electric ≫ Modbus Serial Driver Version1.10
Schneider-electric ≫ Modbus Serial Driver Version2.2
Schneider-electric ≫ Modbus Serial Driver Version3.2
Schneider-electric ≫ Modbuscommdtm Sl Version <= 2.1.2
Schneider-electric ≫ Opc Factory Server Version <= 3.5.0
Schneider-electric ≫ Opc Factory Server Version3.34
Schneider-electric ≫ Opc Factory Server Version3.35
Schneider-electric ≫ Pl7 Updatesp7 Version <= 4.5
Schneider-electric ≫ Powersuite Version <= 2.6
Schneider-electric ≫ Sft2841 Version <= 14.0
Schneider-electric ≫ Sft2841 Version13.1
Schneider-electric ≫ Somachine Version <= 3.1
Schneider-electric ≫ Somachine Version2.0
Schneider-electric ≫ Somachine Version3.0 Update-
Schneider-electric ≫ Somove Version <= 1.7
Schneider-electric ≫ Twidosuite Version <= 2.31.04
Schneider-electric ≫ Unity Pro Version <= 7.0
Schneider-electric ≫ Unity Pro Version6.0
Schneider-electric ≫ Unityloader Version <= 2.3
Schneider Electric ≫ Somachine Version3.0 SwEditionxs
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 57.66% | 0.981 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.