CVE-2018-7815

7.8HIGH

Key Information:

Vendor: Schneider Electric
Status: Eurotherm By Schneider Electric Guicon V2.0 (gold Build 683.0)
Vendor: CVE Published:; 6 February 2019

Summary

A Type Confusion (CWE-843) vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0) on c3core.dll which could cause remote code to be executed when parsing a GD1 file

Affected Version(s)

Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0) Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0)

References

https://www.schneider-electric.com/ww/en/download/documen...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/106218

vdb-entryx_refsource_BID

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Feb 6, 2019
Vulnerability Reserved
Mar 8, 2018