Vulnerability Description
An issue was discovered in Schneider Electric ConneXium firewalls TCSEFEC23F3F20 all versions, TCSEFEC23F3F21 all versions, TCSEFEC23FCF20 all versions, TCSEFEC23FCF21 all versions, and TCSEFEC2CF3F20 all versions. A stack-based buffer overflow can be triggered during the SNMP login authentication process that may allow an attacker to remotely execute code.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Schneider-Electric | Connexium Firmware | - |
| Schneider-Electric | Tcsefec23F3F20 | - |
| Schneider-Electric | Tcsefec23F3F21 | - |
| Schneider-Electric | Tcsefec23Fcf20 | - |
| Schneider-Electric | Tcsefec23Fcf21 | - |
| Schneider-Electric | Tcsefec2Cf3F20 | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/94062Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-16-306-01Third Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/94062Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-16-306-01Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2016-8352?
CVE-2016-8352 is a vulnerability with a CVSS score of 10.0 (CRITICAL). An issue was discovered in Schneider Electric ConneXium firewalls TCSEFEC23F3F20 all versions, TCSEFEC23F3F21 all versions, TCSEFEC23FCF20 all versions, TCSEFEC23FCF21 all versions, and TCSEFEC2CF3F20...
How severe is CVE-2016-8352?
CVE-2016-8352 has been rated CRITICAL with a CVSS base score of 10.0/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2016-8352?
Check the references section above for vendor advisories and patch information. Affected products include: Schneider-Electric Connexium Firmware, Schneider-Electric Tcsefec23F3F20, Schneider-Electric Tcsefec23F3F21, Schneider-Electric Tcsefec23Fcf20, Schneider-Electric Tcsefec23Fcf21.