CVE-2023-2161
- EPSS 0.03%
- Published 16.05.2023 05:15:09
- Last modified 21.11.2024 07:58:03
A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could cause unauthorized read access to the file system when a malicious configuration file is loaded on to the software by a local user.
CVE-2015-1014
- EPSS 0.06%
- Published 25.03.2019 19:29:00
- Last modified 21.11.2024 02:24:29
A successful exploit of these vulnerabilities requires the local user to load a crafted DLL file in the system directory on servers running Schneider Electric OFS v3.5 with version v7.40 of SCADA Expert Vijeo Citect/CitectSCADA, OFS v3.5 with version...
CVE-2013-0662
- EPSS 57.66%
- Published 01.04.2014 06:17:08
- Last modified 12.04.2025 10:46:40
Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through 3.2 allow remote attackers to execute arbitrary code via a large buffer-size value in a Modbus Application Header.
CVE-2014-0774
- EPSS 0.06%
- Published 28.02.2014 06:18:54
- Last modified 24.09.2025 22:15:34
Stack-based buffer overflow in the C++ sample client in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 - 3.35, TLXCDSTOFS33 - 3.35, TLXCDLUOFS33 - 3.35, TLXCDLTOFS33 - 3.35, and TLXCDLFOFS33 - 3.35 allows local users to gain privileges via ...
CVE-2011-3330
- EPSS 1.13%
- Published 04.11.2011 21:55:03
- Last modified 11.04.2025 00:51:21
Buffer overflow in the UnitelWay Windows Device Driver, as used in Schneider Electric Unity Pro 6 and earlier, OPC Factory Server 3.34, Vijeo Citect 7.20 and earlier, Telemecanique Driver Pack 2.6 and earlier, Monitor Pro 7.6 and earlier, and PL7 Pro...