Schneider Electric SoMachine HVAC AxEditGrid ActiveX Untrusted Pointer Dereference (CVE-2016-4529)

The vulnerability is due to a dereference of user-supplied SetDataIntf parameter value as a function pointer within the AxEditGrid ActiveX control. A remote, unauthenticated attacker could exploit this vulnerability by enticing a victim user to open a specially crafted web page. Successful...

CVE-2016-4529

An unspecified ActiveX control in Schneider Electric SoMachine HVAC Programming Software for M171/M172 Controllers before 2.1.0 allows remote attackers to execute arbitrary code via unknown vectors, related to the INTERFACESAFEFORUNTRUSTEDCALLER aka safe for scripting flag...

CVE-2016-4529

Schneider Electric SoMachine HVAC programming software for M171/M172 Controllers contains an unsafe ActiveX control (AxEditGrid) with a SetDataIntf dereference vulnerability. The flaw allows remote code execution via an attacker-supplied memory address in the untrusted pointer dereference within ...

Schneider Electric SoMachine HVAC Unsafe ActiveX Control Vulnerability

OVERVIEW Andrea Micalizzi discovered an unsafe ActiveX control vulnerability in Schneider Electric’s SoMachine software. He reported this vulnerability to ZDI who then reported it to NCCIC/ICS‑CERT. Schneider Electric has produced a patch to mitigate this vulnerability. This vulnerability could b...