Description

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause a crash of the Control Expert software when an incorrect project file is opened. Affected Products: EcoStruxure Control Expert(V15.1 HF001 and prior).

Related CPE's

a

schneider-electric

ecostruxure_control_expert

3

References

https://www.se.com/us/en/download/document/SEVD-2022-221-03/

PatchVendor Advisory

Weaknesses

[email protected]

Primary
CWE-119

CVSS impact metrics

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

5.5 · Medium

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2022-09-13T10:15:10.847

2 years ago

Last modified

2022-09-15T19:50:19.060

2 years ago