Buffer Overflow Vulnerability in Schneider Electric ProClima ActiveX Control
CVE-2014-9188

Currently unrated

Key Information:

Vendor

Schneider Electric
Status
Proclima
Vendor
CVE Published:
27 December 2014

What is CVE-2014-9188?

A buffer overflow vulnerability exists in the ActiveX control (MDraw30.ocx) of Schneider Electric's ProClima software versions prior to 6.1.7. This flaw enables remote attackers to execute arbitrary code on the affected systems via unspecified vectors, posing a significant risk to data integrity and system security. Users are advised to update to the latest version to mitigate this risk.

References

http://download.schneider-electric.com/files?p_Doc_Ref=SE...
x_refsource_CONFIRM
https://ics-cert.us-cert.gov/advisories/ICSA-14-350-01
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.