19 matches found
EUVD-2023-34047
Malicious code in bioql PyPI...
EUVD-2024-46852
Malicious code in bioql PyPI...
EUVD-2024-46853
Malicious code in bioql PyPI...
CVE-2024-5680
CWE-129: Improper Validation of Array Index vulnerability exists that could cause local denial-of-service when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver...
CVE-2024-5681
CWE-20: Improper Input Validation vulnerability exists that could cause local denial-of-service, privilege escalation, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver...
CVE-2024-5681
CWE-20: Improper Input Validation vulnerability exists that could cause local denial-of-service, privilege escalation, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver...
CVE-2024-5681
CWE-20: Improper Input Validation vulnerability exists that could cause local denial-of-service, privilege escalation, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver...
CVE-2024-5680
CWE-129: Improper Validation of Array Index vulnerability exists that could cause local denial-of-service when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver...
CVE-2024-5679
CWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service, or kernel memory leak when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver...
CVE-2024-5680
CWE-129: Improper Validation of Array Index vulnerability exists that could cause local denial-of-service when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver...
CVE-2024-5681
CWE-20: Improper Input Validation vulnerability exists that could cause local denial-of-service, privilege escalation, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver...
CVE-2024-5681
CVE-2024-5681 involves the Schneider Electric EcoStruxure Foxboro DCS product family, specifically the Foxboro.sys driver used by EcoStruxure Foxboro DCS Core Control Services. The issue arises from insufficient input validation in an IOCTL handling path, enabling a local attacker with user acces...
CVE-2024-5681
CWE-20: Improper Input Validation vulnerability exists that could cause local denial-of-service, privilege escalation, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver...
CVE-2023-2569
A CWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service, elevation of privilege, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver...
Out-of-bounds
A CWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service, elevation of privilege, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver...
Input validation
A CWE-129: Improper Validation of Array Index vulnerability exists that could cause local denial-of-service, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an unpredictable index to an IOCTL call in the Foxboro.sys driver...
CVE-2023-2570
CVE-2023-2570 involves an Improper Validation of Array Index in the Foxboro.sys driver IOCTL handling, leading to local denial-of-service and potential kernel execution. Root cause: incorrect validation of an array index. Affected product context appears to be Schneider Electric EcoStruxure Foxbo...
CVE-2023-2569
CVE-2023-2569 affects Schneider Electric EcoStruxure Foxboro DCS components, with the Foxboro.sys driver exposing an Out-of-Bounds Write via an IOCTL call. The concrete root cause described across sources is a boundary/array bound error while handling untrusted input, enabling a local attacker wi...
PT-2023-3076 · Unknown · Foxboro.Sys
Name of the Vulnerable Software and Affected Versions: Foxboro.sys driver affected versions not specified Description: A CWE-787: Out-of-Bounds Write issue exists that could cause local denial-of-service, elevation of privilege, and potentially kernel execution when a malicious actor with local...