Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-9200

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2014-9200
Last Modified 03 Feb 2015 10:36:40
Published 01 Feb 2015 10:59:06
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-9200

Summary

Stack-based buffer overflow in an unspecified DLL file in a DTM development kit in Schneider Electric Unity Pro, SoMachine, SoMove, SoMove Lite, Modbus Communication Library 2.2.6 and earlier, CANopen Communication Library 1.0.2 and earlier, EtherNet/IP Communication Library 1.0.0 and earlier, EM X80 Gateway DTM (MB TCP/SL), Advantys DTM for OTB, Advantys DTM for STB, KINOS DTM, SOLO DTM, and Xantrex DTMs allows remote attackers to execute arbitrary code via unspecified vectors.

Vulnerable Systems

Application

  • Schneider-electric Somachine -

  • Schneider-electric Somove -

  • Schneider-electric Somove Lite -

  • Schneider-electric Unity Pro -


References

MISC - https://ics-cert.us-cert.gov/advisories/ICSA-15-027-02

CONFIRM - http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-009-01


Last Updated: 27 May 2016 11:07:40