CNVD-2023-85391 — Vulnetix

CNVD-2023-85391 PUBLISHED CVSS 7.800000190734863 HIGH

Schneider Electric Accutech Manager是法国施耐德电气（Schneider Electric）公司的一个易于使用的界面中提供现场设备和基础无线电性能数据的平台。 Schneider Electric Accutech Manager 2.7及之前版本存在缓冲区溢出漏洞，该漏洞源于未检查输入大小，攻击者可利用该漏洞导致用户权限升级。

Risk Scores

CVSS v3.1

7.800000190734863

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
schneider-electric	accutech_manager	0
Schneider Electric	Accutech Manager	Version 2.7 and prior

Timeline

Jul 12, 2023 CVE Published
Jul 12, 2023 PoC Published
Jul 16, 2023 CVE ID Reserved

References

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-192-03&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-192-03.pdf url

Open in Interactive Console →