2 matches found
CVE-2013-0655
The client in Schneider Electric Software Update SESU Utility 1.0.x and 1.1.x does not ensure that updates have a valid origin, which allows man-in-the-middle attackers to spoof updates, and consequently execute arbitrary code, by modifying the data stream on TCP port 80...
CVE-2013-0655
The CVE-2013-0655 issue affects Schneider Electric Software Update (SESU) Utility, specifically versions 1.0.x and 1.1.x. The root cause is that the SESU client does not verify the origin of updates, enabling a man-in-the-middle to spoof updates by tampering with the data stream over TCP port 80,...