VDB
CVE-2023-2569
CVE-2023-2569
PUBLISHED
CVSS 7.800000190734863 HIGH
A CWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service, elevation of privilege, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver.
EPSS 0.06% · 19.5th percentile
Risk Scores
CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.06%
19.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Schneider Electric | EcoStruxure Foxboro DCS Control Core Services | * |
| schneider-electric | ecostruxure_foxboro_dcs_control_core_services |
Exploit Intelligence
Timeline
- Jun 13, 2023 CVE Published
- Jun 14, 2023 EPSS Score
- Jul 20, 2023 EPSS Score
- Aug 24, 2023 EPSS Score
- Sep 29, 2023 EPSS Score
- Nov 3, 2023 EPSS Score
- Dec 9, 2023 EPSS Score
- Jan 13, 2024 EPSS Score
- Feb 18, 2024 EPSS Score
- Mar 24, 2024 EPSS Score
- Apr 29, 2024 EPSS Score
- Jun 4, 2024 EPSS Score
References
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-164-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-164-04.pdf url
- https://nvd.nist.gov/vuln/detail/CVE-2023-2569 advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-164-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-164-02.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-101-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-101-04.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-164-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-164-01.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-164-03&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-164-03.pdf advisory