Skip to main content

Proclima

10 CVEs product

Monthly

CVE-2019-6825 HIGH This Week

A CWE-427: Uncontrolled Search Path Element vulnerability exists in ProClima (all versions prior to version 8.0.0) which could allow a malicious DLL file, with the same name of any resident DLLs. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Proclima
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2019-6824 CRITICAL Act Now

A CWE-119: Buffer Errors vulnerability exists in ProClima (all versions prior to version 8.0.0) which allows an unauthenticated, remote attacker to execute arbitrary code on the targeted system in. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Proclima
NVD
CVSS 3.1
9.8
EPSS
4.5%
CVE-2019-6823 CRITICAL Act Now

A CWE-94: Code Injection vulnerability exists in ProClima (all versions prior to version 8.0.0) which could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection RCE Proclima
NVD
CVSS 3.1
9.8
EPSS
5.0%
CVE-2015-8561 MEDIUM This Month

The F1BookView ActiveX control in F1 Bookview in Schneider Electric ProClima before 6.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Schneider Electric Buffer Overflow RCE Proclima
NVD
CVSS 2.0
6.8
EPSS
3.8%
CVE-2015-7918 MEDIUM This Month

Multiple buffer overflows in the F1BookView ActiveX control in F1 Bookview in Schneider Electric ProClima before 6.2 allow remote attackers to execute arbitrary code via the (1) Attach, (2). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Epss exploitation probability 11.2% and no vendor patch available.

Schneider Electric Buffer Overflow RCE Proclima
NVD
CVSS 2.0
6.8
EPSS
11.2%
CVE-2014-9188 CRITICAL PATCH Act Now

Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 19.6%.

Command Injection Schneider Electric RCE Buffer Overflow Proclima
NVD
CVSS 2.0
10.0
EPSS
19.6%
CVE-2014-8514 HIGH PATCH This Week

Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Schneider Electric Buffer Overflow RCE Proclima
NVD
CVSS 2.0
7.5
EPSS
3.6%
CVE-2014-8513 HIGH PATCH This Week

Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Schneider Electric Buffer Overflow RCE Proclima
NVD
CVSS 2.0
7.5
EPSS
2.6%
CVE-2014-8512 HIGH PATCH This Week

Buffer overflow in an ActiveX control in Atx45.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Schneider Electric Buffer Overflow RCE Proclima
NVD
CVSS 2.0
7.5
EPSS
2.6%
CVE-2014-8511 CRITICAL Act Now

Buffer overflow in an ActiveX control in Atx45.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Schneider Electric Buffer Overflow RCE Proclima
NVD
CVSS 2.0
10.0
EPSS
5.4%
EPSS 1% CVSS 7.8
HIGH This Week

A CWE-427: Uncontrolled Search Path Element vulnerability exists in ProClima (all versions prior to version 8.0.0) which could allow a malicious DLL file, with the same name of any resident DLLs. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Proclima
NVD
EPSS 4% CVSS 9.8
CRITICAL Act Now

A CWE-119: Buffer Errors vulnerability exists in ProClima (all versions prior to version 8.0.0) which allows an unauthenticated, remote attacker to execute arbitrary code on the targeted system in. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Proclima
NVD
EPSS 5% CVSS 9.8
CRITICAL Act Now

A CWE-94: Code Injection vulnerability exists in ProClima (all versions prior to version 8.0.0) which could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection RCE Proclima
NVD
EPSS 4% CVSS 6.8
MEDIUM This Month

The F1BookView ActiveX control in F1 Bookview in Schneider Electric ProClima before 6.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Schneider Electric Buffer Overflow +2
NVD
EPSS 11% CVSS 6.8
MEDIUM This Month

Multiple buffer overflows in the F1BookView ActiveX control in F1 Bookview in Schneider Electric ProClima before 6.2 allow remote attackers to execute arbitrary code via the (1) Attach, (2). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Epss exploitation probability 11.2% and no vendor patch available.

Schneider Electric Buffer Overflow RCE +1
NVD
EPSS 20% CVSS 10.0
CRITICAL PATCH Act Now

Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 19.6%.

Command Injection Schneider Electric RCE +2
NVD
EPSS 4% CVSS 7.5
HIGH PATCH This Week

Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Schneider Electric Buffer Overflow RCE +1
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Schneider Electric Buffer Overflow RCE +1
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

Buffer overflow in an ActiveX control in Atx45.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Schneider Electric Buffer Overflow RCE +1
NVD
EPSS 5% CVSS 10.0
CRITICAL Act Now

Buffer overflow in an ActiveX control in Atx45.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Schneider Electric Buffer Overflow RCE +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy