ActiveX Control Flaw in Schneider Electric ProClima
CVE-2015-8561

Currently unrated

Key Information:

Status
Vendor
CVE Published:
15 December 2015

What is CVE-2015-8561?

The F1BookView ActiveX control in Schneider Electric's ProClima, prior to version 6.2, presents a significant security vulnerability that enables remote attackers to execute arbitrary code or induce a denial of service through crafted integer inputs. These inputs can manipulate methods such as AttachToSS, CopyAll, CopyRange, CopyRangeEx, or SwapTable, potentially leading to serious exploitation. This vulnerability underscores the importance of securing ActiveX controls and ensuring application updates.

References

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.