VDB

CNVD-2023-55390

CNVD-2023-55390 PUBLISHED CVSS 7.800000190734863 HIGH

Schneider Electric EcoStruxure Foxboro DCS是法国施耐德电气(Schneider Electric)公司的一个创新的容错、高度可用的控制组件。 Schneider Electric EcoStruxure Foxboro DCS Control Core Services存在缓冲区溢出漏洞,该漏洞源于应用在处理不受信任的输入时出现边界错误。攻击者可利用该漏洞在系统上执行任意代码。

Risk Scores

CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
Schneider ElectricEcoStruxure Foxboro DCS Control Core ServicesAll versions prior to patch HF9857795

Exploit Intelligence

Timeline

  • Jun 16, 2023 CVE ID Reserved
  • Jun 16, 2023 PoC Published
  • Jul 12, 2023 CVE Published

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›