5.3 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
0.0004 Low
EPSS
Percentile
12.7%
A CWE-119: Improper Restriction of Operations within the Bounds of a Memory
Buffer vulnerability exists that could cause memory corruption when an authenticated user
opens a tampered log file from GP-Pro EX.
CPE | Name | Operator | Version |
---|---|---|---|
schneider-electric:pro-face_gp-pro_ex | schneider-electric pro-face gp-pro ex | lt | 4.09.500 |
[
{
"defaultStatus": "unaffected",
"product": "GP-Pro EX WinGP for iPC",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "v4.09.450 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GP-Pro EX WinGP for PC/AT",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "v4.09.450 and prior"
}
]
}
]