Buffer Overflow Vulnerability in Schneider Electric ProClima Software
CVE-2014-8514

Currently unrated

Key Information:

Vendor: Schneider Electric
Status: Proclima
Vendor: CVE Published:; 27 December 2014

🔔 Create Schneider Electric Vulnerability Alert

What is CVE-2014-8514?

A buffer overflow vulnerability exists in the ActiveX control of MDraw30.ocx used in Schneider Electric's ProClima software prior to version 6.1.7. This flaw can be exploited by remote attackers to execute arbitrary code on the affected system through unspecified vectors. Remediation involves upgrading to the latest version of ProClima to mitigate the risks posed by this vulnerability.

References

http://download.schneider-electric.com/files?p_Doc_Ref=SE...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/71710

vdb-entryx_refsource_BID

https://ics-cert.us-cert.gov/advisories/ICSA-14-350-01

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 27, 2014
Vulnerability Reserved
Oct 28, 2014