PT-2015-4038 · Schneider Electric · Vampset
Published
2015-04-03
·
Updated
2018-10-09
·
CVE-2014-8390
CVSS v2.0
4.4
Medium
| Vector | AV:L/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Schneider Electric VAMPSET versions prior to 2.2.168
Description
The issue concerns multiple buffer overflows that can be triggered by local users through malformed disturbance-recording data in a CFG or DAT file, potentially allowing them to gain privileges.
Recommendations
For versions prior to 2.2.168, update to version 2.2.168 or later to resolve the issue.
Exploit
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Vampset