Lucene search
IcscertCVE-2015-3977HistoryNov 15, 2015 - 3:59 a.m.
CVE-2015-3977
2015-11-1503:59:00
CWE-119
icscert
web.nvd.nist.gov
27
cve-2015-3977
buffer overflow
schneider electric
imt25
magnetic flow
dtm
hart protocol
remote authenticated user
arbitrary code execution
denial of service
memory corruption
nvd
CVSS2
7.7
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:L/Au:S/C:C/I:C/A:C
AI Score
7.9
Confidence
High
EPSS
0.004
Percentile
73.1%
Buffer overflow in Schneider Electric IMT25 Magnetic Flow DTM before 1.500.004 for the HART Protocol allows remote authenticated users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HART reply.
Affected configurations
Node
schneider-electricimt25_magnetic_flow_dtmRange≤1.500.000
| Vendor | Product | Version | CPE |
|---|---|---|---|
| schneider-electric | imt25_magnetic_flow_dtm | * | cpe:2.3:o:schneider-electric:imt25_magnetic_flow_dtm:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2015-3977
2015-11-15 02:00:00
prion
prion
Buffer overflow
2015-11-15 03:59:00
ics
ics
Schneider Electric IMT25 DTM Vulnerability
2018-08-27 12:00:00
nvd
nvd
CVE-2015-3977
2015-11-15 03:59:00
CVSS2
7.7
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:L/Au:S/C:C/I:C/A:C
AI Score
7.9
Confidence
High
EPSS
0.004
Percentile
73.1%
Related for CVE-2015-3977