Buffer Overflow Vulnerability in Schneider Electric VAMPSET Software
CVE-2014-8390

Currently unrated

Key Information:

Vendor: Schneider Electric
Status: Vampset
Vendor: CVE Published:; 3 April 2015

🔔 Create Schneider Electric Vulnerability Alert

What is CVE-2014-8390?

Multiple buffer overflow vulnerabilities exist in Schneider Electric's VAMPSET software prior to version 2.2.168. These vulnerabilities can be exploited by local users through malformed disturbance-recording data in CONFIG (CFG) or DATA (DAT) files, potentially allowing them to gain elevated privileges within the system.

References

http://www.securityfocus.com/archive/1/535142/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/73405

vdb-entryx_refsource_BID

http://www.coresecurity.com/advisories/schneider-vampset-...

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 3, 2015
Vulnerability Reserved
Oct 22, 2014