CVE-2016-8374

EPSS 0.42%
Published 13.02.2017 21:59:01
Last modified 20.04.2025 01:37:25
Source ics-cert@hq.dhs.gov
Teams watchlist Login
Open Login

An issue was discovered in Schneider Electric Magelis HMI Magelis GTO Advanced Optimum Panels, all versions, Magelis GTU Universal Panel, all versions, Magelis STO5xx and STU Small panels, all versions, Magelis XBT GH Advanced Hand-held Panels, all versions, Magelis XBT GK Advanced Touchscreen Panels with Keyboard, all versions, Magelis XBT GT Advanced Touchscreen Panels, all versions, and Magelis XBT GTW Advanced Open Touchscreen Panels (Windows XPe). An attacker may be able to disrupt a targeted web server, resulting in a denial of service because of UNCONTROLLED RESOURCE CONSUMPTION.

Affected products Warnungen 0 Metrics 3 CWE 1 References 5

Data is provided by the National Vulnerability Database (NVD)

Schneider-electric ≫ Magelis Gtu Universal Panel Firmware Version-

Schneider-electric ≫ Magelis Gtu Universal Panel Version-

Schneider-electric ≫ Magelis Gto Advanced Optimum Panel Firmware Version-

Schneider-electric ≫ Magelis Gto Advanced Optimum Panel Version-

Schneider-electric ≫ Magelis Sto5 Small Panel Firmware Version-

Schneider-electric ≫ Magelis Sto5 Small Panel Version-

Schneider-electric ≫ Magelis Stu Small Panel Firmware Version-

Schneider-electric ≫ Magelis Stu Small Panel Version-

Schneider-electric ≫ Magelis Xbt Gh Advanced Hand-held Panel Firmware Version-

Schneider-electric ≫ Magelis Xbt Gh Advanced Hand-held Panel Version-

Schneider-electric ≫ Magelis Xbt Gk Advanced Touchscreen Panel With Keyboard Firmware Version-

Schneider-electric ≫ Magelis Xbt Gk Advanced Touchscreen Panel With Keyboard Version-

Schneider-electric ≫ Magelis Xbt Gt Advanced Touchscreen Panel Firmware Version-

Schneider-electric ≫ Magelis Xbt Gt Advanced Touchscreen Panel Version-

Schneider-electric ≫ Magelis Xbt Gtw Advanced Open Touchscreen Panel Firmware Version-

Schneider-electric ≫ Magelis Xbt Gtw Advanced Open Touchscreen Panel Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.42%	0.609

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	7.8	10	6.9	AV:N/AC:L/Au:N/C:N/I:N/A:C

CWE-400 Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

http://www.securityfocus.com/bid/94093

Third Party Advisory

VDB Entry

https://ics-cert.us-cert.gov/advisories/ICSA-16-308-02

Third Party Advisory

US Government Resource

https://nvd.nist.gov/vuln/detail/CVE-2016-8374

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-8374

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-8374

EUVD