Buffer Overflow Vulnerability in Schneider Electric ProClima ActiveX Control
CVE-2014-8511

Currently unrated

Key Information:

Vendor: Schneider Electric
Status: Proclima
Vendor: CVE Published:; 27 December 2014

🔔 Create Schneider Electric Vulnerability Alert

What is CVE-2014-8511?

A buffer overflow vulnerability exists in an ActiveX control within Atx45.ocx of Schneider Electric's ProClima, allowing remote attackers to potentially execute arbitrary code. This vulnerability arises from improper validation of input, enabling an attacker to exploit the defect through unspecified vectors. Users of ProClima versions prior to 6.1.7 are advised to update their software promptly to mitigate this risk.

References

http://download.schneider-electric.com/files?p_Doc_Ref=SE...

x_refsource_CONFIRM

https://ics-cert.us-cert.gov/advisories/ICSA-14-350-01

x_refsource_MISC

EPSS Score

5% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 27, 2014
Vulnerability Reserved
Oct 28, 2014