CVE-2021-22808

A CWE-416: Use After Free vulnerability exists that could cause arbitrary code execution when a malicious .gd1 configuration file is loaded into the GUIcon tool. Affected Product: Eurotherm by Schneider Electric GUIcon Version 2.0 Build 683.003 and prior...

CVE-2021-22809

A CWE-125:Out-of-Bounds Read vulnerability exists that could cause unintended data disclosure when a malicious .gd1 configuration file is loaded into the GUIcon tool. Affected Product: Eurotherm by Schneider Electric GUIcon Version 2.0 Build 683.003 and prior...

EUVD-2021-9943

Malicious code in bioql PyPI...

EUVD-2021-9942

Malicious code in bioql PyPI...

EUVD-2021-9944

Malicious code in bioql PyPI...

CVE-2021-22808

A CWE-416: Use After Free vulnerability exists that could cause arbitrary code execution when a malicious .gd1 configuration file is loaded into the GUIcon tool. Affected Product: Eurotherm by Schneider Electric GUIcon Version 2.0 Build 683.003 and prior...

CVE-2021-22807

A CWE-787: Out-of-bounds Write vulnerability exists that could cause arbitrary code execution when a malicious .gd1 configuration file is loaded into the GUIcon tool. Affected Product: Eurotherm by Schneider Electric GUIcon Version 2.0 Build 683.003 and prior...

Design/Logic Flaw

A CWE-416: Use After Free vulnerability exists that could cause arbitrary code execution when a malicious .gd1 configuration file is loaded into the GUIcon tool. Affected Product: Eurotherm by Schneider Electric GUIcon Version 2.0 Build 683.003 and prior...

Out-of-bounds

A CWE-125:Out-of-Bounds Read vulnerability exists that could cause unintended data disclosure when a malicious .gd1 configuration file is loaded into the GUIcon tool. Affected Product: Eurotherm by Schneider Electric GUIcon Version 2.0 Build 683.003 and prior...

CVE-2021-22808

A CWE-416: Use After Free vulnerability exists that could cause arbitrary code execution when a malicious .gd1 configuration file is loaded into the GUIcon tool. Affected Product: Eurotherm by Schneider Electric GUIcon Version 2.0 Build 683.003 and prior...

CVE-2021-22807

A CWE-787: Out-of-bounds Write vulnerability exists that could cause arbitrary code execution when a malicious .gd1 configuration file is loaded into the GUIcon tool. Affected Product: Eurotherm by Schneider Electric GUIcon Version 2.0 Build 683.003 and prior...

CVE-2018-7813

A Type Confusion CWE-843 vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 Gold Build 683.0 on pcwin.dll which could cause remote code to be executed when parsing a GD1 file...

CVE-2018-7815

A Type Confusion CWE-843 vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 Gold Build 683.0 on c3core.dll which could cause remote code to be executed when parsing a GD1 file...

CVE-2018-7814

A Stack-based Buffer Overflow CWE-121 vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 Gold Build 683.0 which could cause remote code to be executed when parsing a GD1 file...

Schneider Electric GUIcon Eurotherm

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION : Low skill level to exploit Vendor : Schneider Electric Equipment : Eurotherm by Schneider Electric GUIcon Vulnerabilities : Type Confusion, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow an...