PT-2014-8575 · Schneider Electric · Proclima
Published
2014-12-27
·
Updated
2015-01-07
·
CVE-2014-8512
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Schneider Electric ProClima versions prior to 6.1.7
Description
The issue is related to a buffer overflow in an ActiveX control in Atx45.ocx, which allows remote attackers to execute arbitrary code. This is a remote code execution vulnerability.
Recommendations
For versions prior to 6.1.7, update to version 6.1.7 or later to resolve the issue. As a temporary workaround, consider restricting access to the ActiveX control in Atx45.ocx to minimize the risk of exploitation.
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Proclima