Lucene search
SchneiderCVELIST:CVE-2023-3953HistoryAug 09, 2023 - 2:02 p.m.
CVE-2023-3953
2023-08-0914:02:44
CWE-119
schneider
www.cve.org
cwe-119
improper restriction
memory corruption
authenticated user
log file
5.3 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
0.0004 Low
EPSS
Percentile
12.7%
A CWE-119: Improper Restriction of Operations within the Bounds of a Memory
Buffer vulnerability exists that could cause memory corruption when an authenticated user
opens a tampered log file from GP-Pro EX.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "GP-Pro EX WinGP for iPC",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "v4.09.450 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GP-Pro EX WinGP for PC/AT",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "v4.09.450 and prior"
}
]
}
]Related
nvd
nvd
CVE-2023-3953
2023-08-09 15:15:09
prion
prion
Design/Logic Flaw
2023-08-09 15:15:00
cve
cve
CVE-2023-3953
2023-08-09 15:15:09
cnvd
cnvd
Buffer Overflow Vulnerability in Schneider Electric Pro-face GP-Pro EX
2023-08-14 00:00:00
5.3 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
0.0004 Low
EPSS
Percentile
12.7%
Related for CVELIST:CVE-2023-3953