6.8
CVE-2014-0779
- EPSS 0.68%
- Published 14.03.2014 10:55:05
- Last modified 24.09.2025 22:15:35
- Source ics-cert@hq.dhs.gov
- Teams watchlist Login
- Open Login
The PLC driver in ServerMain.exe in the Kepware KepServerEX 4 component in Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R2 build 71.4165, 2010 R2.1 build 71.4325, 2010 R3 build 72.4560, 2010 R3.1 build 72.4644, 2013 R1 build 73.4729, 2013 R1.1 build 73.4832, 2013 R1.1a build 73.4903, 2013 R1.2 build 73.4955, and 2013 R2 build 74.5094 allows remote attackers to cause a denial of service (application crash) via a crafted OPF file (aka project file).
Data is provided by the National Vulnerability Database (NVD)
Aveva ≫ Clearscada Version2010 Updater2
Aveva ≫ Clearscada Version2010 Updater2.1
Aveva ≫ Clearscada Version2010 Updater3
Aveva ≫ Clearscada Version2010 Updater3.1
Aveva ≫ Clearscada Version2013 Updater1
Aveva ≫ Clearscada Version2013 Updater1.1
Aveva ≫ Clearscada Version2013 Updater1.1a
Aveva ≫ Clearscada Version2013 Updater1.2
Aveva ≫ Clearscada Version2013 Updater2
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.68% | 0.706 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
| ics-cert@hq.dhs.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.