CVE-2014-8511

CWE-119 — Buffer Overflow3 documents3 sources

Severity

10.0CRITICAL

EPSS

5.4%

top 9.93%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Schneider-electric Proclima

Timeline

PublishedDec 27

Latest updateMay 17

Description

Buffer overflow in an ActiveX control in Atx45.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8512. NOTE: this may be clarified later based on details provided by researchers.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDschneider-electric/proclima6.0.1

🔴Vulnerability Details

GHSA

GHSA-gr4q-vpmv-cwrr: Buffer overflow in an ActiveX control in Atx45↗2022-05-17

▶

CVEList

CVE-2014-8511: Buffer overflow in an ActiveX control in Atx45↗2014-12-27

▶