CVE-2011-5163

CWE-119 — Buffer Overflow3 documents3 sources

Severity

4.6MEDIUM

EPSS

0.2%

top 62.41%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mitsubishi-automation MX4 Scada Schneider-electric Citectscada

Timeline

PublishedSep 15

Latest updateMay 17

Description

Buffer overflow in an unspecified third-party component in the Batch module for Schneider Electric CitectSCADA before 7.20 and Mitsubishi MX4 SCADA before 7.20 allows local users to execute arbitrary code via a long string in a login sequence.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages2 packages

▶NVDschneider-electric/citectscada7.10

▶NVDmitsubishi-automation/mx4_scada7.10

🔴Vulnerability Details

GHSA

GHSA-jj6v-6227-3v35: Buffer overflow in an unspecified third-party component in the Batch module for Schneider Electric CitectSCADA before 7↗2022-05-17

▶

CVEList

CVE-2011-5163: Buffer overflow in an unspecified third-party component in the Batch module for Schneider Electric CitectSCADA before 7↗2012-09-15

▶