Improper Input Validation in Schneider Electric's Engineering Workstation
CVE-2024-10083

6.8MEDIUM

Key Information:

Vendor: Schneider Electric
Status: Uni-telway Driver; Uni-telway Driver Used In Ecostruxure Control Expert; Uni-telway Driver Used In Ecostruxure Process Expert; Uni-telway Driver Used In Ecostruxure Process Expert For Aveva System Platform
Vendor: CVE Published:; 13 February 2025

🔔 Create Schneider Electric Vulnerability Alert

What is CVE-2024-10083?

An improper input validation flaw has been identified in Schneider Electric's Engineering Workstation. This vulnerability may allow an authenticated user to exploit specific driver interfaces with crafted inputs, potentially resulting in a denial of service condition. Proper measures should be taken to ensure that only validated and expected input is processed by the system, mitigating the risk of disruption to services.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Uni-Telway driver All versions

Uni-Telway driver used in EcoStruxure Control Expert All versions

Uni-Telway driver used in EcoStruxure Process Expert All Versions

References

https://download.schneider-electric.com/files?p_Doc_Ref=S...

CVSS V4

Score:

6.8

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Feb 13, 2025
Vulnerability Reserved
Oct 17, 2024

JSON

Schneider Electric

What is CVE-2024-10083?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V4

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.