Buffer Overflow in Schneider Electric ProClima ActiveX Control
CVE-2014-8512

Currently unrated

Key Information:

Vendor: Schneider Electric
Status: Proclima
Vendor: CVE Published:; 27 December 2014

🔔 Create Schneider Electric Vulnerability Alert

What is CVE-2014-8512?

A buffer overflow vulnerability exists in the ActiveX control Atx45.ocx within Schneider Electric's ProClima software versions prior to 6.1.7. This flaw could allow remote attackers to execute arbitrary code, leading to potential unauthorized access and manipulation of the system. Exploitation of this vulnerability occurs through unspecified vectors, highlighting the importance of updating the software to a secure version to mitigate such risks. For detailed information and updates, researchers and concerned parties can refer to the Schneider Electric advisory and related ICS-CERT resources.

References

http://download.schneider-electric.com/files?p_Doc_Ref=SE...

x_refsource_CONFIRM

https://ics-cert.us-cert.gov/advisories/ICSA-14-350-01

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 27, 2014
Vulnerability Reserved
Oct 28, 2014