CVE-2014-0789

Multiple buffer overflows in the OPC Automation 2.0 Server Object ActiveX control in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 3.5 and earlier, TLXCDSTOFS33 3.5 and earlier, TLXCDLUOFS33 3.5 and earlier, TLXCDLTOFS33 3.5 and earlier, and TLXCDLFOFS33 3.5 and earlier allow remote attackers to cause a denial of service via long arguments to unspecified functions.

CVSS v2.0 7.8 HIGH

7.8^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
http://ics-cert.us-cert.gov/advisories/ICSA-14-093-01	US Government Resource
http://www.schneider-electric.com/corporate/en/support/cybersecurity/viewer-news.page?c_filepath=/templatedata/Content/News/data/en/local/cybersecurity/general_information/2014/03/20140325_vulnerability_disclosure_opc_factory_server.xml	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:h:schneider-electric:opc_factory_server_tlxcdlfofs::::::::
	cpe:2.3:h:schneider-electric:opc_factory_server_tlxcdltofs::::::::
	cpe:2.3:h:schneider-electric:opc_factory_server_tlxcdluofs::::::::
	cpe:2.3:h:schneider-electric:opc_factory_server_tlxcdstofs::::::::
	cpe:2.3:h:schneider-electric:opc_factory_server_tlxcdsuofs::::::::

History

No history.

Information

Published : 2014-04-04 15:09

Updated : 2024-02-28 12:20

NVD link : CVE-2014-0789

Mitre link : CVE-2014-0789

CVE.ORG link : CVE-2014-0789

JSON object : View

Products Affected

schneider-electric

opc_factory_server_tlxcdltofs
opc_factory_server_tlxcdstofs
opc_factory_server_tlxcdluofs
opc_factory_server_tlxcdlfofs
opc_factory_server_tlxcdsuofs

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

{"id": "CVE-2014-0789", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-04-04T15:09:45.917", "references": [{"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-093-01", "tags": ["US Government Resource"], "source": "ics-cert@hq.dhs.gov"}, {"url": "http://www.schneider-electric.com/corporate/en/support/cybersecurity/viewer-news.page?c_filepath=/templatedata/Content/News/data/en/local/cybersecurity/general_information/2014/03/20140325_vulnerability_disclosure_opc_factory_server.xml", "tags": ["Vendor Advisory"], "source": "ics-cert@hq.dhs.gov"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Multiple buffer overflows in the OPC Automation 2.0 Server Object ActiveX control in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 3.5 and earlier, TLXCDSTOFS33 3.5 and earlier, TLXCDLUOFS33 3.5 and earlier, TLXCDLTOFS33 3.5 and earlier, and TLXCDLFOFS33 3.5 and earlier allow remote attackers to cause a denial of service via long arguments to unspecified functions."}, {"lang": "es", "value": "M\u00faltiples desbordamientos de buffer en el control OPC Automation 2.0 Server Object ActiveX en Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 3.5 y anteriores, TLXCDSTOFS33 3.5 y anteriores, TLXCDLUOFS33 3.5 y anteriores, TLXCDLTOFS33 3.5 y anteriores y TLXCDLFOFS33 3.5 y anteriores permiten a atacantes remotos causar una denegaci\u00f3n de servicio a trav\u00e9s de argumentos largos hacia funciones no especificadas."}], "lastModified": "2014-04-04T17:52:48.090", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:opc_factory_server_tlxcdlfofs:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "58A9B25F-0A42-4E55-8253-086C8110B46B", "versionEndIncluding": "3.35"}, {"criteria": "cpe:2.3:h:schneider-electric:opc_factory_server_tlxcdltofs:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EDAB2AC4-BF6E-4F66-808D-395DA09A2953", "versionEndIncluding": "3.35"}, {"criteria": "cpe:2.3:h:schneider-electric:opc_factory_server_tlxcdluofs:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BDB23AE4-FE64-4C13-8703-EBF6A419A149", "versionEndIncluding": "3.35"}, {"criteria": "cpe:2.3:h:schneider-electric:opc_factory_server_tlxcdstofs:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE9D2AE1-6047-42C0-9BE5-3DA9C7445F6D", "versionEndIncluding": "3.35"}, {"criteria": "cpe:2.3:h:schneider-electric:opc_factory_server_tlxcdsuofs:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FDF237D6-9874-4669-BBB5-5047D3D0AFDA", "versionEndIncluding": "3.35"}], "operator": "OR"}]}], "sourceIdentifier": "ics-cert@hq.dhs.gov"}