6.8
CVE-2014-0779
- EPSS 0.68%
- Veröffentlicht 14.03.2014 10:55:05
- Zuletzt bearbeitet 24.09.2025 22:15:35
- Quelle ics-cert@hq.dhs.gov
- Teams Watchlist Login
- Unerledigt Login
The PLC driver in ServerMain.exe in the Kepware KepServerEX 4 component in Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R2 build 71.4165, 2010 R2.1 build 71.4325, 2010 R3 build 72.4560, 2010 R3.1 build 72.4644, 2013 R1 build 73.4729, 2013 R1.1 build 73.4832, 2013 R1.1a build 73.4903, 2013 R1.2 build 73.4955, and 2013 R2 build 74.5094 allows remote attackers to cause a denial of service (application crash) via a crafted OPF file (aka project file).
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Aveva ≫ Clearscada Version2010 Updater2
Aveva ≫ Clearscada Version2010 Updater2.1
Aveva ≫ Clearscada Version2010 Updater3
Aveva ≫ Clearscada Version2010 Updater3.1
Aveva ≫ Clearscada Version2013 Updater1
Aveva ≫ Clearscada Version2013 Updater1.1
Aveva ≫ Clearscada Version2013 Updater1.1a
Aveva ≫ Clearscada Version2013 Updater1.2
Aveva ≫ Clearscada Version2013 Updater2
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.68% | 0.706 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
| ics-cert@hq.dhs.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.