Foxboro.sys Driver Vulnerable to Local Denial-of-Service Attacks
CVE-2024-5680
5.5MEDIUM
Key Information:
- Vendor
Schneider Electric
- Vendor
- CVE Published:
- 11 July 2024
What is CVE-2024-5680?
CWE-129: Improper Validation of Array Index vulnerability exists that could cause local denial-of-service when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver.
Affected Version(s)
EcoStruxure Foxboro DCS Core Control Services Versions 9.8 and prior