Vampset
CVE-2014-5407
MEDIUM
Severity by source
AV:L/AC:M/Au:S/C:P/I:P/A:P
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
AV:L/AC:M/Au:S/C:P/I:P/A:P
Lifecycle Timeline
1DescriptionCVE.org
Multiple stack-based buffer overflows in Schneider Electric VAMPSET 2.2.136 and earlier allow local users to cause a denial of service (application halt) via a malformed (1) setting file or (2) disturbance recording file.
AnalysisAI
Multiple stack-based buffer overflows in Schneider Electric VAMPSET 2.2.136 and earlier allow local users to cause a denial of service (application halt) via a malformed (1) setting file or (2). Rated medium severity (CVSS 4.1). No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-121. Multiple stack-based buffer overflows in Schneider Electric VAMPSET 2.2.136 and earlier allow local users to cause a denial of service (application halt) via a malformed (1) setting file or (2) disturbance recording file. Affected products include: Schneider-Electric Vampset.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
Multiple buffer overflows in Schneider Electric VAMPSET before 2.2.168 allow local users to gain privileges via malforme
All versions of VAMPSET software produced by Schneider Electric, prior to V2.2.189, are susceptible to a memory corrupti
Same weakness CWE-121 – Stack-based Buffer Overflow
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today