11 matches found
CVE-2021-22697
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software V2.1.13 and prior that could allow a use-after-free condition which could result in remote code execution when a malicious SSD file is uploaded and improperly parsed...
CVE-2021-22698
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software V2.1.13 and prior that could allow a stack-based buffer overflow to occur which could result in remote code execution when a malicious SSD file is uploaded and...
CVE-2021-22697
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software V2.1.13 and prior that could allow a use-after-free condition which could result in remote code execution when a malicious SSD file is uploaded and improperly parsed...
CVE-2021-22698
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software V2.1.13 and prior that could allow a stack-based buffer overflow to occur which could result in remote code execution when a malicious SSD file is uploaded and...
CVE-2021-22697
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software V2.1.13 and prior that could allow a use-after-free condition which could result in remote code execution when a malicious SSD file is uploaded and improperly parsed...
Design/Logic Flaw
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software V2.1.13 and prior that could allow a use-after-free condition which could result in remote code execution when a malicious SSD file is uploaded and improperly parsed...
Stack overflow
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software V2.1.13 and prior that could allow a stack-based buffer overflow to occur which could result in remote code execution when a malicious SSD file is uploaded and...
CVE-2021-22698
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software V2.1.13 and prior that could allow a stack-based buffer overflow to occur which could result in remote code execution when a malicious SSD file is uploaded and...
CVE-2021-22698
CVE-2021-22698 affects Schneider Electric EcoStruxure Power Build-Rapsody (V2.1.13 and prior). The issue is a CWE-434 Unrestricted Upload of File with Dangerous Type in SSD file parsing, caused by insufficient validation of user-supplied data length before copying to a fixed-length stack buffer, ...
CVE-2021-22697
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software V2.1.13 and prior that could allow a use-after-free condition which could result in remote code execution when a malicious SSD file is uploaded and improperly parsed...
CVE-2021-22697
CVE-2021-22697 affects Schneider Electric EcoStruxure Power Build-Rapsody (versions up to 2.1.13). The issue is a CWE-434 Unrestricted Upload of File with Dangerous Type in SSD file parsing, leading to a use-after-free condition and potential remote code execution. Exploitation described as requi...