CWE-20: Improper Input Validation vulnerability exists that could cause local denial-of-service,
privilege escalation, and potentially kernel execution when a malicious actor with local user
access crafts a script/program using an IOCTL call in the Foxboro.sys driver.
privilege escalation, and potentially kernel execution when a malicious actor with local user
access crafts a script/program using an IOCTL call in the Foxboro.sys driver.
Metrics
Affected Vendors & Products
References
History
Wed, 27 Aug 2025 22:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Schneider Electric
Schneider Electric ecostruxure Foxboro Dcs Core Control Services |
|
CPEs | cpe:2.3:a:schneider_electric:ecostruxure_foxboro_dcs_core_control_services:9.8:*:*:*:*:*:*:* | |
Vendors & Products |
Schneider Electric
Schneider Electric ecostruxure Foxboro Dcs Core Control Services |
|
Metrics |
ssvc
|

Status: PUBLISHED
Assigner: schneider
Published:
Updated: 2025-08-27T21:33:27.004Z
Reserved: 2024-06-06T12:06:44.310Z
Link: CVE-2024-5681

Updated: 2024-08-01T21:18:06.902Z

Status : Modified
Published: 2024-07-11T09:15:04.360
Modified: 2024-11-21T09:48:08.953
Link: CVE-2024-5681

No data.

No data.