Vulnerabilities (CVE)

Filtered by vendor Emerson Subscribe
Filtered by product Ovation Ocr400 Firmware
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-10967 1 Emerson 2 Ovation Ocr400, Ovation Ocr400 Firmware 2024-11-21 6.5 MEDIUM 8.8 HIGH
In Emerson Ovation OCR400 Controller 3.3.1 and earlier, a stack-based buffer overflow vulnerability in the embedded third-party FTP server involves improper handling of a long file name from the LIST command to the FTP service, which may cause the service to overwrite buffers, leading to remote code execution and escalation of privileges.
CVE-2019-10965 1 Emerson 2 Ovation Ocr400, Ovation Ocr400 Firmware 2024-11-21 6.5 MEDIUM 8.8 HIGH
In Emerson Ovation OCR400 Controller 3.3.1 and earlier, a heap-based buffer overflow vulnerability in the embedded third-party FTP server involves improper handling of a long command to the FTP service, which may cause memory corruption that halts the controller or leads to remote code execution and escalation of privileges.