CVE-2024-8518 — Improper Input Validation in Electric Zelio Soft 2

CWE-20 — Improper Input Validation3 documents3 sources

Severity

3.3LOWNVD

EPSS

0.0%

top 86.48%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Schneider Electric Zelio Soft 2

Timeline

PublishedOct 8

Description

CWE-20: Improper Input Validation vulnerability exists that could cause a crash of the Zelio Soft 2 application when a specially crafted project file is loaded by an application user.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:LExploitability: 1.8 | Impact: 1.4

Affected Packages1 packages

▶CVEListV5schneider_electric/zelio_soft_2Versions prior to 5.4.2.2

🔴Vulnerability Details

GHSA

GHSA-j6rp-5g87-ghhj: CWE-20: Improper Input Validation vulnerability exists that could cause a crash of the Zelio Soft 2 application when a specially crafted project file↗2024-10-08

▶

CVEList

CVE-2024-8518: CWE-20: Improper Input Validation vulnerability exists that could cause a crash of the Zelio Soft 2 application when a specially crafted project file↗2024-10-08

▶