Buffer Overflow Vulnerability in Schneider Electric Products
CVE-2023-29414

7.8HIGH

Key Information:

Vendor: Schneider Electric
Status: Accutech Manager
Vendor: CVE Published:; 12 July 2023

Summary

A vulnerability exists in Schneider Electric products where a buffer overflow can occur due to the failure to properly check the size of input during a local function call. This may enable local users to escalate privileges by sending specially crafted string input. It poses significant risks for system integrity and security, requiring immediate attention.

Affected Version(s)

Accutech Manager Version 2.7 and prior

References

https://download.schneider-electric.com/files?p_Doc_Ref=S...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 12, 2023
Vulnerability Reserved
Apr 5, 2023