9 matches found
EUVD-2022-27868
Malicious code in bioql PyPI...
The vulnerability of the GOOSE (Generic Object-Oriented Substation Event) protocol implementation in Schneider Electric Easergy P3 micro-programmed devices for relay protection and control allows a perpetrator to execute arbitrary code or cause malfunctions during maintenance.
The vulnerability of the GOOSE Generic Object-Oriented Substation Event protocol implementation in Schneider Electric Easergy P3 microprogrammable devices for relay protection and control systems lies in the copying of buffers without checking the size of input data. Exploiting this vulnerability...
Schneider Electric Easergy P5 and P3
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Low attack complexity Vendor: Schneider Electric Equipment: Easergy P5 and P3 --------- Begin Update A Part 1 of 4 --------- Vulnerabilities: Use of Hard-Coded Credentials, Classic Buffer Overflow, and Improper Input Validation --------- End Update A...
CVE-2022-22725
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping function via GOOSE can be...
CVE-2022-22725
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping function via GOOSE can be...
CVE-2022-22725
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping function via GOOSE can be...
Buffer overflow
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping function via GOOSE can be...
CVE-2022-22725
CVE-2022-22725 concerns Schneider Electric Easergy P3 (and P5 in the same advisory family) with a buffer overflow in a buffer copy without checking input size. In Easergy P3, all versions prior to V30.205 are affected; in P5, related issue CVE-2022-22723 affects versions prior to V30.205/P1. Heat...
CVE-2022-22725
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping function via GOOSE can be...