CVE-2014-0789
Last modified
CVE-2014-0789 is a vulnerability of currently unknown severity. Multiple buffer overflows in the OPC Automation 2.0 Server Object ActiveX control in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 3.5 and earlier, TLXCDSTOFS33 3.5 and earlier, TLXCDLUOFS33 3.5 and earlier, TLXCDLTOFS33 3.5 and earlier, and TLXCDLFOFS33 3.5 and earlier allow remote attackers to cause a denial of service via long arguments to unspecified functions.. EPSS estimates a 2.47% chance of exploitation in the next 30 days.
Description
Multiple buffer overflows in the OPC Automation 2.0 Server Object ActiveX control in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 3.5 and earlier, TLXCDSTOFS33 3.5 and earlier, TLXCDLUOFS33 3.5 and earlier, TLXCDLTOFS33 3.5 and earlier, and TLXCDLFOFS33 3.5 and earlier allow remote attackers to cause a denial of service via long arguments to unspecified functions.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Schneider-Electric | Opc Factory Server Tlxcdlfofs | <= 3.35 |
| Schneider-Electric | Opc Factory Server Tlxcdltofs | <= 3.35 |
| Schneider-Electric | Opc Factory Server Tlxcdluofs | <= 3.35 |
| Schneider-Electric | Opc Factory Server Tlxcdstofs | <= 3.35 |
| Schneider-Electric | Opc Factory Server Tlxcdsuofs | <= 3.35 |
References
- http://ics-cert.us-cert.gov/advisories/ICSA-14-093-01US Government Resource
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2014-0789?
How severe is CVE-2014-0789?
How do I fix CVE-2014-0789?
Are you affected by CVE-2014-0789?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST