Stack-Based Buffer Overflow in Schneider Electric VAMPSET Product
CVE-2014-5407

Currently unrated

Key Information:

Vendor: Schneider Electric
Status: Vampset
Vendor: CVE Published:; 15 September 2014

🔔 Create Schneider Electric Vulnerability Alert

What is CVE-2014-5407?

Multiple stack-based buffer overflows exist in Schneider Electric's VAMPSET software, affecting version 2.2.136 and earlier. These vulnerabilities may allow local users to exploit malformed setting files or disturbance recording files, potentially leading to a denial of service by halting the application's operations. It is critical for users running affected versions to apply mitigations as recommended by security advisories to safeguard against potential exploits.

References

https://ics-cert.us-cert.gov/advisories/ICSA-14-254-01

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 15, 2014
Vulnerability Reserved
Aug 22, 2014