VYPR

Foxboro DCS Control Core Services

by Schneider Electric

CVEs (6)

  • CVE-2024-5681Jul 11, 2024
    risk 0.00cvss epss 0.00

    CWE-20: Improper Input Validation vulnerability exists that could cause local denial-of-service, privilege escalation, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver.

  • CVE-2024-5680Jul 11, 2024
    risk 0.00cvss epss 0.00

    CWE-129: Improper Validation of Array Index vulnerability exists that could cause local denial-of-service when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver.

  • CVE-2024-5679Jul 11, 2024
    risk 0.00cvss epss 0.00

    CWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service, or kernel memory leak when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver.

  • CVE-2023-2570Jun 14, 2023
    risk 0.00cvss epss 0.00

    A CWE-129: Improper Validation of Array Index vulnerability exists that could cause local denial-of-service, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an unpredictable index to an IOCTL call in the Foxboro.sys…

  • CVE-2023-2569Jun 14, 2023
    risk 0.00cvss epss 0.00

    A CWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service, elevation of privilege, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver.

  • CVE-2018-7793Dec 24, 2018
    risk 0.00cvss epss 0.00

    A Credential Management vulnerability exists in FoxView HMI SCADA (All Foxboro DCS, Foxboro Evo, and IA Series versions prior to Foxboro DCS Control Core Services 9.4 (CCS 9.4) and FoxView 10.5.) which could cause unauthorized disclosure, modification, or disruption in service…