Filtered by vendor Schneider-electric Subscriptions
Filtered by product Ecostruxure Foxboro Dcs Control Core Services Subscriptions
Total 5 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-2569 1 Schneider-electric 1 Ecostruxure Foxboro Dcs Control Core Services 2025-01-02 7.8 High
A CWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service, elevation of privilege, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver.
CVE-2024-5681 1 Schneider-electric 1 Ecostruxure Foxboro Dcs Control Core Services 2024-11-21 7.8 High
CWE-20: Improper Input Validation vulnerability exists that could cause local denial-of-service, privilege escalation, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver.
CVE-2024-5680 1 Schneider-electric 1 Ecostruxure Foxboro Dcs Control Core Services 2024-11-21 7.1 High
CWE-129: Improper Validation of Array Index vulnerability exists that could cause local denial-of-service when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver.
CVE-2024-5679 1 Schneider-electric 1 Ecostruxure Foxboro Dcs Control Core Services 2024-11-21 7.1 High
CWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service, or kernel memory leak when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver.
CVE-2023-2570 1 Schneider-electric 1 Ecostruxure Foxboro Dcs Control Core Services 2024-11-21 7 High
A CWE-129: Improper Validation of Array Index vulnerability exists that could cause local denial-of-service, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an unpredictable index to an IOCTL call in the Foxboro.sys driver.