Vulnerabilities (CVE)

Filtered by vendor Schneider-electric Subscribe
Filtered by product Modbus Serial Driver
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-7523 1 Schneider-electric 2 Modbus Driver Suite, Modbus Serial Driver 2024-02-28 4.4 MEDIUM 7.8 HIGH
Improper Privilege Management vulnerability exists in Schneider Electric Modbus Serial Driver (see security notification for versions) which could cause local privilege escalation when the Modbus Serial Driver service is invoked. The driver does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
CVE-2018-7824 2 Microsoft, Schneider-electric 3 Windows, Driver Suite, Modbus Serial Driver 2024-02-28 6.8 MEDIUM 4.9 MEDIUM
An Externally Controlled Reference to a Resource (CWE-610) vulnerability exists in Schneider Electric Modbus Serial Driver (For 64-bit Windows OS:V3.17 IE 37 and prior , For 32-bit Windows OS:V2.17 IE 27 and prior, and as part of the Driver Suite version:V14.12 and prior) which could allow write access to system files available only to users with SYSTEM privilege or other important user files.
CVE-2013-0662 2 Schneider-electric, Schneider Electric 13 Concept, Modbus Serial Driver, Modbuscommdtm Sl and 10 more 2024-02-28 9.3 HIGH N/A
Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through 3.2 allow remote attackers to execute arbitrary code via a large buffer-size value in a Modbus Application Header.