2 matches found
ICSA-19-295-01_Schneider Electric ProClima
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: Proclima Vulnerabilities: Code Injection, Improper Restriction of Operations within the Bounds of a Memory Buffer, Uncontrolled Search Path Element 2. RISK EVALUATION...
CVE-2019-6825
CVE-2019-6825 affects Schneider Electric ProClima prior to 8.0.0. It is an Uncontrolled Search Path Element (CWE-427) vulnerability that could allow a malicious DLL with the same name as a resident DLL to execute arbitrary code. The ICSA advisory confirms unauthenticated remote exploitation; CVSS...