CVE-2024-37040

Name of the Vulnerable Software and Affected Versions Schneider Electric Sage versions (affected versions not specified)

Description The issue is related to a buffer copy without checking the size of input data in the web interface of the Schneider Electric Sage software. This could allow a remote attacker to cause a fault on the device by sending a specially crafted HTTP request. The vulnerability is described as a 'Classic Buffer Overflow' and is associated with the CWE-120 classification.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.