VYPR

Foxboro.sys

by Schneider Electric

CVEs (3)

  • CVE-2024-5681HigJul 11, 2024
    risk 0.51cvss 7.8epss 0.00

    CWE-20: Improper Input Validation vulnerability exists that could cause local denial-of-service, privilege escalation, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver.

  • CVE-2024-5680HigJul 11, 2024
    risk 0.46cvss 7.1epss 0.00

    CWE-129: Improper Validation of Array Index vulnerability exists that could cause local denial-of-service when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver.

  • CVE-2024-5679HigJul 11, 2024
    risk 0.46cvss 7.1epss 0.00

    CWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service, or kernel memory leak when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver.