CWE-129: Improper Validation of Array Index vulnerability exists that could cause local denial-of-service when a malicious actor with local user access crafts a script/program using an IOCTL
call in the Foxboro.sys driver.
References
Configurations
Configuration 1 (hide)
|
History
12 Jul 2024, 16:38
Type | Values Removed | Values Added |
---|---|---|
First Time |
Schneider-electric
Schneider-electric ecostruxure Foxboro Dcs Control Core Services |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
CPE | cpe:2.3:a:schneider-electric:ecostruxure_foxboro_dcs_control_core_services:*:*:*:*:*:*:*:* | |
References | () https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-191-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-191-02.pdf - Vendor Advisory |
11 Jul 2024, 13:05
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
11 Jul 2024, 09:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-07-11 09:15
Updated : 2024-07-12 16:38
NVD link : CVE-2024-5680
Mitre link : CVE-2024-5680
CVE.ORG link : CVE-2024-5680
JSON object : View
Products Affected
schneider-electric
- ecostruxure_foxboro_dcs_control_core_services
CWE
CWE-129
Improper Validation of Array Index