Stack-based Buffer Overflow in Schneider Electric Unity Pro and Related Products
CVE-2014-9200

Currently unrated

Key Information:

Vendor: Schneider Electric
Status: Somove; Somove Lite; Somachine; Unity Pro
Vendor: CVE Published:; 1 February 2015

Summary

The vulnerability exists due to a stack-based buffer overflow in an unspecified DLL file within the DTM development kit of Schneider Electric products, including Unity Pro and associated libraries. This flaw allows remote attackers to exploit the vulnerability via unknown methods, potentially enabling them to execute arbitrary code on affected systems. Users should update to the latest versions of their software to mitigate any risk associated with this vulnerability.

References

http://download.schneider-electric.com/files?p_Doc_Ref=SE...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/72335

vdb-entryx_refsource_BID

https://ics-cert.us-cert.gov/advisories/ICSA-15-027-02

x_refsource_MISC

Timeline

Vulnerability published
Feb 1, 2015
Vulnerability Reserved
Dec 2, 2014