Schneider-Electric Modbus Serial Driver vulnerabilities
3 known vulnerabilities affecting schneider-electric/modbus_serial_driver.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2020-7523HIGHCVSS 7.8fixed in 2.20_ie_30fixed in 3.20_ie_302020-08-31
CVE-2020-7523 [HIGH] CWE-269 CVE-2020-7523: Improper Privilege Management vulnerability exists in Schneider Electric Modbus Serial Driver (see s
Improper Privilege Management vulnerability exists in Schneider Electric Modbus Serial Driver (see security notification for versions) which could cause local privilege escalation when the Modbus Serial Driver service is invoked. The driver does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of contro
nvd
CVE-2018-7824MEDIUMCVSS 4.9≤ 3.17≤ 2.172019-05-22
CVE-2018-7824 [MEDIUM] CWE-610 CVE-2018-7824: An Externally Controlled Reference to a Resource (CWE-610) vulnerability exists in Schneider Electri
An Externally Controlled Reference to a Resource (CWE-610) vulnerability exists in Schneider Electric Modbus Serial Driver (For 64-bit Windows OS:V3.17 IE 37 and prior , For 32-bit Windows OS:V2.17 IE 27 and prior, and as part of the Driver Suite version:V14.12 and prior) which could allow write access to system files available only to users with SYST
nvd
CVE-2013-0662CRITICALCVSS 9.3PoCv1.10v2.2+1 more2014-04-01
CVE-2013-0662 [CRITICAL] CWE-787 CVE-2013-0662: Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.
Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through 3.2 allow remote attackers to execute arbitrary code via a large buffer-size value in a Modbus Application Header.
nvd