EUVD-2024-46854

Malicious code in bioql PyPI...

The vulnerability of the Foxboro.sys driver of the distributed system management software EcoStruxureTM Foxboro DCS Control Core Services allows a attacker to execute arbitrary code.

The vulnerability of the Foxboro.sys driver, a microprogramming software for distributed system control systems like EcoStruxureTM Foxboro DCS Control Core Services, lies in the possibility of writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to...

The vulnerability of the Foxboro.sys driver, a microprogramming software for distributed system management, allows a attacker to cause a service failure.

The vulnerability of the Foxboro.sys driver, a microprogramming software for distributed control systems like EcoStruxureTM Foxboro DCS Control Core Services, is related to unvalidated array indexing. Exploiting this vulnerability could allow an attacker to cause service failures...

CVE-2024-5680

CWE-129: Improper Validation of Array Index vulnerability exists that could cause local denial-of-service when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver...

Schneider Electric EcoStruxure Foxboro DCS Input Validation Error Vulnerability

Schneider Electric EcoStruxure Foxboro DCS is an innovative fault-tolerant, highly available control component from Schneider Electric France. An input validation error vulnerability exists in Schneider Electric EcoStruxure Foxboro DCS Core Control Services version 9.8 and earlier, which stems fr...

PT-2024-5154 · Unknown · Foxboro.Sys

Name of the Vulnerable Software and Affected Versions: Foxboro.sys driver affected versions not specified Description: The issue is related to an Out-of-Bounds Write vulnerability that could cause local denial-of-service or kernel memory leak. A malicious actor with local user access can craft a...

PT-2024-5178 · Schneider Electric · Ecostruxure Foxboro Dcs Control Core Services

Name of the Vulnerable Software and Affected Versions: EcoStruxureTM Foxboro DCS Control Core Services affected versions not specified Description: The issue is related to insufficient input validation in the Foxboro.sys driver, which could allow an attacker to cause a denial-of-service,...

PT-2024-5155 · Unknown · Foxboro.Sys

Name of the Vulnerable Software and Affected Versions: Foxboro.sys driver affected versions not specified Description: The issue is related to an Improper Validation of Array Index, which could cause a local denial-of-service when a malicious actor with local user access crafts a script or progra...

CVE-2023-2569

A CWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service, elevation of privilege, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver...

The vulnerability of the Foxboro.sys driver of the distributed system management software EcoStruxureTM Foxboro DCS Control Core Services allows a attacker to execute arbitrary code.

The vulnerability of the Foxboro.sys driver, a microprogramming software for the distributed control system EcoStruxureTM Foxboro DCS Control Core Services, is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code by...