Schneider-Electric Guicon vulnerabilities

6 known vulnerabilities affecting schneider-electric/guicon.

Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH5MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2021-22807HIGHCVSS 7.8≤ 2.02022-01-28
CVE-2021-22807 [HIGH] CWE-787 CVE-2021-22807: A CWE-787: Out-of-bounds Write vulnerability exists that could cause arbitrary code execution when a A CWE-787: Out-of-bounds Write vulnerability exists that could cause arbitrary code execution when a malicious *.gd1 configuration file is loaded into the GUIcon tool. Affected Product: Eurotherm by Schneider Electric GUIcon Version 2.0 (Build 683.003) and prior
nvd
CVE-2021-22808HIGHCVSS 7.8≤ 2.02022-01-28
CVE-2021-22808 [HIGH] CWE-416 CVE-2021-22808: A CWE-416: Use After Free vulnerability exists that could cause arbitrary code execution when a mali A CWE-416: Use After Free vulnerability exists that could cause arbitrary code execution when a malicious *.gd1 configuration file is loaded into the GUIcon tool. Affected Product: Eurotherm by Schneider Electric GUIcon Version 2.0 (Build 683.003) and prior
nvd
CVE-2021-22809MEDIUMCVSS 5.5≤ 2.02022-01-28
CVE-2021-22809 [MEDIUM] CWE-125 CVE-2021-22809: A CWE-125:Out-of-Bounds Read vulnerability exists that could cause unintended data disclosure when a A CWE-125:Out-of-Bounds Read vulnerability exists that could cause unintended data disclosure when a malicious *.gd1 configuration file is loaded into the GUIcon tool. Affected Product: Eurotherm by Schneider Electric GUIcon Version 2.0 (Build 683.003) and prior
nvd
CVE-2018-7813HIGHCVSS 7.8v2.02019-02-06
CVE-2018-7813 [HIGH] CWE-704 CVE-2018-7813: A Type Confusion (CWE-843) vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 (Gold A Type Confusion (CWE-843) vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0) on pcwin.dll which could cause remote code to be executed when parsing a GD1 file
nvd
CVE-2018-7814HIGHCVSS 7.8v2.02019-02-06
CVE-2018-7814 [HIGH] CWE-787 CVE-2018-7814: A Stack-based Buffer Overflow (CWE-121) vulnerability exists in Eurotherm by Schneider Electric GUIc A Stack-based Buffer Overflow (CWE-121) vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0) which could cause remote code to be executed when parsing a GD1 file
nvd
CVE-2018-7815HIGHCVSS 7.8v2.02019-02-06
CVE-2018-7815 [HIGH] CWE-704 CVE-2018-7815: A Type Confusion (CWE-843) vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 (Gold A Type Confusion (CWE-843) vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0) on c3core.dll which could cause remote code to be executed when parsing a GD1 file
nvd