CVE-2017-9629 — Stack-based Buffer Overflow in Wonderware Archestra Logger

CWE-121 — Stack-based Buffer Overflow CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources

Severity

9.8CRITICALNVD

EPSS

19.7%

top 4.56%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Schneider-electric Wonderware Archestra Logger

Timeline

PublishedJul 7

Latest updateMay 13

Description

A Stack-Based Buffer Overflow issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.426.2307.1 and prior. The stack-based buffer overflow vulnerability has been identified, which may allow a remote attacker to execute arbitrary code in the context of a highly privileged account.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

▶NVDschneider-electric/wonderware_archestra_logger2017.426.2307.1

🔴Vulnerability Details

GHSA

GHSA-c74f-9vf5-2gh6: A Stack-Based Buffer Overflow issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017↗2022-05-13

▶

CVEList

CVE-2017-9629: A Stack-Based Buffer Overflow issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017↗2017-07-07

▶