ActiveX Control Flaw in Schneider Electric ProClima
CVE-2015-8561

Currently unrated

Key Information:

Vendor

Schneider Electric
Status
Proclima
Vendor
CVE Published:
15 December 2015

What is CVE-2015-8561?

The F1BookView ActiveX control in Schneider Electric's ProClima, prior to version 6.2, presents a significant security vulnerability that enables remote attackers to execute arbitrary code or induce a denial of service through crafted integer inputs. These inputs can manipulate methods such as AttachToSS, CopyAll, CopyRange, CopyRangeEx, or SwapTable, potentially leading to serious exploitation. This vulnerability underscores the importance of securing ActiveX controls and ensuring application updates.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.zerodayinitiative.com/advisories/ZDI-15-628
x_refsource_MISC
http://www.zerodayinitiative.com/advisories/ZDI-15-626
x_refsource_MISC
https://ics-cert.us-cert.gov/advisories/ICSA-15-335-02
x_refsource_MISC

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.