Lucene search
HistoryAug 09, 2023 - 3:15 p.m.
CVE-2023-3953
cve-2023-3953
cwe-119
memory buffer
memory corruption
authentication
tampered log file
nvd
5.3 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
0.0004 Low
EPSS
Percentile
12.7%
A CWE-119: Improper Restriction of Operations within the Bounds of a Memory
Buffer vulnerability exists that could cause memory corruption when an authenticated user
opens a tampered log file from GP-Pro EX.
Affected configurations
Node
schneider-electricpro-face_gp-pro_exRange<4.09.500
| CPE | Name | Operator | Version |
|---|---|---|---|
| schneider-electric:pro-face_gp-pro_ex | schneider-electric pro-face gp-pro ex | lt | 4.09.500 |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "GP-Pro EX WinGP for iPC",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "v4.09.450 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GP-Pro EX WinGP for PC/AT",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "v4.09.450 and prior"
}
]
}
]Related
prion
prion
Design/Logic Flaw
2023-08-09 15:15:00
cnvd
cnvd
Buffer Overflow Vulnerability in Schneider Electric Pro-face GP-Pro EX
2023-08-14 00:00:00
nvd
nvd
CVE-2023-3953
2023-08-09 15:15:09
cvelist
cvelist
CVE-2023-3953
2023-08-09 14:02:44
5.3 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
0.0004 Low
EPSS
Percentile
12.7%
Related for CVE-2023-3953