CVE-2014-9200

Currently unrated

Key Information:

Vendor: Schneider Electric
Status: Somove; Somove Lite; Somachine; Unity Pro
Vendor: CVE Published:; 1 February 2015

Summary

Stack-based buffer overflow in an unspecified DLL file in a DTM development kit in Schneider Electric Unity Pro, SoMachine, SoMove, SoMove Lite, Modbus Communication Library 2.2.6 and earlier, CANopen Communication Library 1.0.2 and earlier, EtherNet/IP Communication Library 1.0.0 and earlier, EM X80 Gateway DTM (MB TCP/SL), Advantys DTM for OTB, Advantys DTM for STB, KINOS DTM, SOLO DTM, and Xantrex DTMs allows remote attackers to execute arbitrary code via unspecified vectors.

References

http://download.schneider-electric.com/files?p_Doc_Ref=SE...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/72335

vdb-entryx_refsource_BID

https://ics-cert.us-cert.gov/advisories/ICSA-15-027-02

x_refsource_MISC

EPSS Score

35% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Feb 1, 2015
Vulnerability Reserved
Dec 2, 2014