cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-5681,https://securityvulnerability.io/vulnerability/CVE-2024-5681,Foxboro Sys Faces Local Denial-of-Service and Privilege Escalation Vulnerability,"An improper input validation vulnerability in the Foxboro.sys driver can enable a local user with malicious intent to craft a script or program that exploits the vulnerability through an IOCTL call. This exploitation may lead to local denial-of-service, privilege escalation, and even potential kernel execution. The flaw poses a risk to users with local access, emphasizing the need for immediate action and remediation. Users are advised to review Schneider Electric's security notice for guidelines on mitigating potential impacts.",Schneider Electric,Ecostruxure Foxboro Dcs Core Control Services,7.8,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2024-07-11T08:27:49.614Z,0
CVE-2024-5680,https://securityvulnerability.io/vulnerability/CVE-2024-5680,Foxboro.sys Driver Vulnerable to Local Denial-of-Service Attacks,"CWE-129: Improper Validation of Array Index vulnerability exists that could cause local denial-of-service when a malicious actor with local user access crafts a script/program using an IOCTL
call in the Foxboro.sys driver.",Schneider Electric,Ecostruxure Foxboro Dcs Core Control Services,5.5,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2024-07-11T08:25:45.578Z,0
CVE-2024-5679,https://securityvulnerability.io/vulnerability/CVE-2024-5679,Foxboro.sys Out-of-Bounds Write Vulnerability Could Lead to Local Denial-of-Service or Kernel Memory Leak,"An out-of-bounds write vulnerability exists in the Foxboro.sys driver, allowing local users to exploit the flaw by crafting a malicious script or program that utilizes an IOCTL call. This exploitation can lead to local denial-of-service attacks or unintentional leakage of kernel memory. The vulnerability poses a significant risk, particularly in environments where the Foxboro.sys driver is deployed, as it permits unauthorized actions that can compromise system stability and security.",Schneider Electric,Ecostruxure Foxboro Dcs Core Control Services,7.1,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2024-07-11T08:18:23.853Z,0
CVE-2023-2569,https://securityvulnerability.io/vulnerability/CVE-2023-2569,Out-of-Bounds Write Vulnerability in Foxboro.sys Driver by Schneider Electric,"A significant out-of-bounds write vulnerability exists in the Foxboro.sys driver utilized by Schneider Electric products. This flaw enables an attacker with local user access to execute malicious scripts or programs leveraging IOCTL calls, potentially leading to local denial-of-service, elevation of privilege, and even kernel execution. Proper remediation and security measures should be implemented to mitigate the risks associated with this vulnerability.",Schneider Electric,EcoStruxure Foxboro DCS Control Core Services,7.8,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2023-06-14T08:15:00.000Z,0
CVE-2023-2570,https://securityvulnerability.io/vulnerability/CVE-2023-2570,Improper Validation of Array Index in Foxboro Driver by Schneider Electric,"An improper validation of array index vulnerability has been identified in the Foxboro.sys driver, which could allow a local user to exploit the issue. By crafting a specially designed script or program that manipulates an unpredictable index in an IOCTL call, an attacker may cause local denial-of-service conditions and potentially execute arbitrary code in the kernel space. This vulnerability exposes the impacted systems to significant risks, making it essential for users to apply the necessary updates and mitigate potential threats.",Schneider Electric,EcoStruxure Foxboro DCS Control Core Services,7.8,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2023-06-14T08:15:00.000Z,0