CVE-2016-8352
published 2017-02-13CVE-2016-8352: An issue was discovered in Schneider Electric ConneXium firewalls TCSEFEC23F3F20 all versions, TCSEFEC23F3F21 all versions, TCSEFEC23FCF20 all versions…
PriorityP261critical10CVSS 3.0
AVNACLPRNUINSCCHIHAH
EPSS
4.16%
89.6th percentile
An issue was discovered in Schneider Electric ConneXium firewalls TCSEFEC23F3F20 all versions, TCSEFEC23F3F21 all versions, TCSEFEC23FCF20 all versions, TCSEFEC23FCF21 all versions, and TCSEFEC2CF3F20 all versions. A stack-based buffer overflow can be triggered during the SNMP login authentication process that may allow an attacker to remotely execute code.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| msrc | microsoft_hpc_pack_2019 | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →The vulnerability is triggered during the SNMP login authentication process — monitor for anomalous or malformed SNMP authentication traffic (UDP/161, UDP/162) directed at ConneXium firewall devices, which may indicate exploitation attempts. ↗
- →The vulnerability is remotely exploitable with no authentication and low attack complexity (CVSS v3 AV:N/AC:L/PR:N/UI:N), meaning any unauthenticated SNMP packet to affected devices could be an exploit attempt. ↗
- →Target asset identification: flag network traffic to/from devices identified as Schneider Electric ConneXium firewalls (models TCSEFEC23F3F20, TCSEFEC23F3F21, TCSEFEC23FCF20, TCSEFEC23FCF21, TCSEFEC2CF3F20) on SNMP ports for deeper inspection. ↗
- ·No known public exploits exist for this vulnerability at time of advisory publication; exploitation risk is present but unconfirmed in the wild. ↗
- ·All firmware versions of the affected ConneXium firewall models are vulnerable; there is no safe version to allowlist until Schneider Electric releases the firmware update. ↗
CVSS provenance
nvdv3.010.0CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
vendor_msrc9.8CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Microsoft
Microsoft High Performance Compute (HPC) Pack Remote Code Execution Vulnerability
vendor_msrc·2025-09-09·CVSS 9.8
CVE-2025-55232 [CRITICAL] CWE-502 Microsoft High Performance Compute (HPC) Pack Remote Code Execution Vulnerability
Microsoft High Performance Compute (HPC) Pack Remote Code Execution Vulnerability
Description: Deserialization of untrusted data in Microsoft High Performance Compute Pack (HPC) allows an unauthorized attacker to execute code over a network.
FAQ: What do customers need to do to mitigate this vulnerability?
If you are currently using HPC Pack 2019 Update 2, you need to upgrade to HPC Pack 2019 Update 3 (Build 6.3.8328) and then apply the QFE patch (Build 6.3.8352).
If you are currently using HPC Pack 2016, you must migrate to 2019 to receive a fix, as there is no in-place update from 2016 to 2019.
FAQ: How could an attacker exploit the vulnerability?
An attacker who successfully exploits this vulnerability could achieve remote code execution without user interaction.
Microsoft High Perf
CISA ICS
Schneider Electric ConneXium Buffer Overflow Vulnerability
cisa_ics·2016-11-10
Schneider Electric ConneXium Buffer Overflow Vulnerability
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Schneider Electric ConneXium Buffer Overflow Vulnerability
Last RevisedNovember 10, 2016
Alert CodeICSA-16-306-01
## OVERVIEW
Security researcher George Lashenko of CyberX has identified a buffer overflow vulnerability in Schneider Electric’s ConneXium firewall product. Schneider Electric is developing a firmware update to mitigate this vulnerability.
This vulnerability is remotely exploitable.
## AFFECTED PRODUCTS
The following ConneXium firewalls are affected:
- TCSEFEC23F3F20 all versions,
- TCSEFEC23F3F21 all versions,
- TCSEFEC23FCF20 all versions,
- TCSEFEC23FCF21 a
GHSA
GHSA-4hw4-vcgq-h32m: An issue was discovered in Schneider Electric ConneXium firewalls TCSEFEC23F3F20 all versions, TCSEFEC23F3F21 all versions, TCSEFEC23FCF20 all version
ghsa_unreviewed·2022-05-17
CVE-2016-8352 [CRITICAL] CWE-119 GHSA-4hw4-vcgq-h32m: An issue was discovered in Schneider Electric ConneXium firewalls TCSEFEC23F3F20 all versions, TCSEFEC23F3F21 all versions, TCSEFEC23FCF20 all version
An issue was discovered in Schneider Electric ConneXium firewalls TCSEFEC23F3F20 all versions, TCSEFEC23F3F21 all versions, TCSEFEC23FCF20 all versions, TCSEFEC23FCF21 all versions, and TCSEFEC2CF3F20 all versions. A stack-based buffer overflow can be triggered during the SNMP login authentication process that may allow an attacker to remotely execute code.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2017-02-13
Published