12 matches found
CVE-2021-22697
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software V2.1.13 and prior that could allow a use-after-free condition which could result in remote code execution when a malicious SSD file is uploaded and improperly parsed...
The vulnerability of Schneider Electric EcoStruxure Power Build Rapsody software for designing and configuring electrical systems lies in buffer overflows in the stack. This allows a malicious actor to execute arbitrary code.
The vulnerability of Schneider Electric EcoStruxure Power Build Rapsody software for electrical system design and configuration is related to buffer overflow in the stack. Exploiting this vulnerability could allow an attacker to execute arbitrary code using a specially created malicious file...
CVE-2021-22698
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software V2.1.13 and prior that could allow a stack-based buffer overflow to occur which could result in remote code execution when a malicious SSD file is uploaded and...
CVE-2021-22698
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software V2.1.13 and prior that could allow a stack-based buffer overflow to occur which could result in remote code execution when a malicious SSD file is uploaded and...
CVE-2021-22697
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software V2.1.13 and prior that could allow a use-after-free condition which could result in remote code execution when a malicious SSD file is uploaded and improperly parsed...
CVE-2021-22697
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software V2.1.13 and prior that could allow a use-after-free condition which could result in remote code execution when a malicious SSD file is uploaded and improperly parsed...
Stack overflow
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software V2.1.13 and prior that could allow a stack-based buffer overflow to occur which could result in remote code execution when a malicious SSD file is uploaded and...
Design/Logic Flaw
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software V2.1.13 and prior that could allow a use-after-free condition which could result in remote code execution when a malicious SSD file is uploaded and improperly parsed...
CVE-2021-22698
CVE-2021-22698 affects Schneider Electric EcoStruxure Power Build-Rapsody (V2.1.13 and prior). The issue is a CWE-434 Unrestricted Upload of File with Dangerous Type in SSD file parsing, caused by insufficient validation of user-supplied data length before copying to a fixed-length stack buffer, ...
CVE-2021-22698
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software V2.1.13 and prior that could allow a stack-based buffer overflow to occur which could result in remote code execution when a malicious SSD file is uploaded and...
CVE-2021-22697
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software V2.1.13 and prior that could allow a use-after-free condition which could result in remote code execution when a malicious SSD file is uploaded and improperly parsed...
CVE-2021-22697
CVE-2021-22697 affects Schneider Electric EcoStruxure Power Build-Rapsody (versions up to 2.1.13). The issue is a CWE-434 Unrestricted Upload of File with Dangerous Type in SSD file parsing, leading to a use-after-free condition and potential remote code execution. Exploitation described as requi...