Lucene search
HistoryMar 14, 2015 - 1:59 a.m.
CVE-2014-9206
cve-2014-9206
stack-based buffer overflow
device type manager
dtm
schneider electric
invensys
srd control valve positioner
dll
local privilege escalation
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
7.3 High
AI Score
Confidence
Low
0.0005 Low
EPSS
Percentile
17.2%
Stack-based buffer overflow in Device Type Manager (DTM) 3.1.6 and earlier for Schneider Electric Invensys SRD Control Valve Positioner devices 960 and 991 allows local users to gain privileges via a malformed DLL file.
Affected configurations
Node
schneider-electricdevice_type_managerRange≤3.1.6
| CPE | Name | Operator | Version |
|---|---|---|---|
| schneider-electric:device_type_manager | schneider-electric device type manager | le | 3.1.6 |
Related
ics
ics
Schneider Electric Invensys Positioner Buffer Overflow Vulnerability
2018-08-29 12:00:00
cvelist
cvelist
CVE-2014-9206
2015-03-14 01:00:00
nvd
nvd
CVE-2014-9206
2015-03-14 01:59:06
prion
prion
Stack overflow
2015-03-14 01:59:00
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
7.3 High
AI Score
Confidence
Low
0.0005 Low
EPSS
Percentile
17.2%
Related for CVE-2014-9206