VDB

CVE-2023-3953

CVE-2023-3953 PUBLISHED CVSS 5.300000190734863 MEDIUM

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause memory corruption when an authenticated user opens a tampered log file from GP-Pro EX.

EPSS 0.07% · 22.0th percentile

Risk Scores

CVSS 3.1
5.300000190734863
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
EPSS Score
0.07%
22.0th percentile

Affected Products

VendorProductVersions
Schneider ElectricGP-Pro EX WinGP for iPCv4.09.450 and prior
Schneider ElectricGP-Pro EX WinGP for PC/ATv4.09.450 and prior
schneider-electricpro-face_gp-pro_ex0

Timeline

  • Aug 9, 2023 CVE Published
  • Aug 10, 2023 EPSS Score
  • Sep 13, 2023 EPSS Score
  • Oct 16, 2023 EPSS Score
  • Nov 19, 2023 EPSS Score
  • Dec 22, 2023 EPSS Score
  • Jan 25, 2024 EPSS Score
  • Feb 28, 2024 EPSS Score
  • Apr 1, 2024 EPSS Score
  • May 5, 2024 EPSS Score
  • Jun 7, 2024 EPSS Score
  • Jul 11, 2024 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›