Vulnerability Details CVE-2014-9200
Stack-based buffer overflow in an unspecified DLL file in a DTM development kit in Schneider Electric Unity Pro, SoMachine, SoMove, SoMove Lite, Modbus Communication Library 2.2.6 and earlier, CANopen Communication Library 1.0.2 and earlier, EtherNet/IP Communication Library 1.0.0 and earlier, EM X80 Gateway DTM (MB TCP/SL), Advantys DTM for OTB, Advantys DTM for STB, KINOS DTM, SOLO DTM, and Xantrex DTMs allows remote attackers to execute arbitrary code via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.023
EPSS Ranking 83.9%
CVSS Severity
CVSS v2 Score 7.5
References
- http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-009-01
- http://www.securityfocus.com/bid/72335
- https://ics-cert.us-cert.gov/advisories/ICSA-15-027-02
- http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-009-01
- http://www.securityfocus.com/bid/72335
- https://ics-cert.us-cert.gov/advisories/ICSA-15-027-02
Products affected by CVE-2014-9200
-
cpe:2.3:a:schneider-electric:somachine:-
-
cpe:2.3:a:schneider-electric:somove:-
-
cpe:2.3:a:schneider-electric:somove_lite:-
-
cpe:2.3:a:schneider-electric:unity_pro:-