CVE-2021-22705

2021-05-2619:19:18

CWE-119

schneider

www.cve.org

memory buffer operations

vulnerability

vijeo designer

ecostruxure machine expert

AI Score

7.6

Confidence

High

EPSS

0.001

Percentile

17.1%

JSON

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause denial of service or unauthorized access to system information when interacting directly with a driver installed by Vijeo Designer or EcoStruxure Machine Expert

CNA Affected

[
  {
    "product": "Harmony HMI Products Configured by Vijeo Designer (all versions prior to V6.2 SP11 ) or EcoStruxure Machine Expert (all versions prior to V2.0)",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Harmony HMI Products Configured by Vijeo Designer (all versions prior to V6.2 SP11 ) or EcoStruxure Machine Expert (all versions prior to V2.0)"
      }
    ]
  }
]

References

download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-02