Schneider-Electric Unity Pro vulnerabilities

CVE-2016-8354 [HIGH] CWE-94 CVE-2016-8354: An issue was discovered in Schneider Electric Unity PRO prior to V11.1. Unity projects can be compil An issue was discovered in Schneider Electric Unity PRO prior to V11.1. Unity projects can be compiled as x86 instructions and loaded onto the PLC Simulator delivered with Unity PRO. These x86 instructions are subsequently executed directly by the simulator. A specially crafted patched Unity project file can make the simulator execute malicious code by r

CVE-2013-0662 [CRITICAL] CWE-787 CVE-2013-0662: Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1. Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through 3.2 allow remote attackers to execute arbitrary code via a large buffer-size value in a Modbus Application Header.

CVE-2011-3330 [HIGH] CWE-119 CVE-2011-3330: Buffer overflow in the UnitelWay Windows Device Driver, as used in Schneider Electric Unity Pro 6 an Buffer overflow in the UnitelWay Windows Device Driver, as used in Schneider Electric Unity Pro 6 and earlier, OPC Factory Server 3.34, Vijeo Citect 7.20 and earlier, Telemecanique Driver Pack 2.6 and earlier, Monitor Pro 7.6 and earlier, and PL7 Pro 4.5 and earlier, allows local users, and possibly remote attackers, to execute arbitrary code via an uns