CVE-2014-0774

CWE-121Stack-based Buffer OverflowCWE-119Buffer Overflow3 documents3 sources
Severity
6.9MEDIUM
EPSS
0.1%
top 80.53%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
11
Schneider Electric Tlxcdlfofs33Schneider Electric Tlxcdltofs33Schneider Electric Tlxcdluofs33+8 more
Timeline
PublishedFeb 28
Latest updateMay 17

Description

Stack-based buffer overflow in the C++ sample client in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 - 3.35, TLXCDSTOFS33 - 3.35, TLXCDLUOFS33 - 3.35, TLXCDLTOFS33 - 3.35, and TLXCDLFOFS33 - 3.35 allows local users to gain privileges via vectors involving a malformed configuration file.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.1 | Impact: 10.0

Affected Packages11 packages

🔴Vulnerability Details

2
GHSA
GHSA-23h3-v846-4gxf: Stack-based buffer overflow in the C++ sample client in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 - 32022-05-17
CVEList
Schneider Electric OFS Stack Buffer Overflow2014-02-28
CVE-2014-0774 (MEDIUM CVSS 6.9) | Stack-based buffer overflow in the | cvebase.io