CVE-2011-4034

CWE-119 — Buffer Overflow3 documents3 sources

Severity

9.3CRITICAL

EPSS

55.8%

top 1.91%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Schneider-electric Citecthistorian Schneider-electric Citectscada Reports Schneider-electric Vijeo Historian

Timeline

PublishedDec 2

Latest updateMay 17

Description

Buffer overflow in the Steema TeeChart ActiveX control, as used in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages3 packages

▶NVDschneider-electric/citecthistorian4.30+1

▶NVDschneider-electric/vijeo_historian4.30+3

▶NVDschneider-electric/citectscada_reports4.10+1

Patches

Patch: www.citect.com ↗Patch: www.scada.schneider-electric.com ↗Patch: www.us-cert.gov ↗

🔴Vulnerability Details

GHSA

GHSA-fqp8-j3rg-x5gf: Buffer overflow in the Steema TeeChart ActiveX control, as used in Schneider Electric Vijeo Historian 4↗2022-05-17

▶

CVEList

CVE-2011-4034: Buffer overflow in the Steema TeeChart ActiveX control, as used in Schneider Electric Vijeo Historian 4↗2011-12-02

▶