N/A

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping function via GOOSE can be impacted. Affected Product: Easergy P5 (All firmware versions prior to V01.401.101)

N/A

未进行输入大小检查的缓冲区拷贝(传统缓冲区溢出)

Schneider Electric Easergy P5 缓冲区错误漏洞

Schneider Electric Easergy P5是法国施耐德电气（Schneider Electric）公司的一款适用于要求苛刻的中压应用的保护继电器。 Schneider Electric Easergy P5 存在缓冲区错误漏洞，该漏洞由于边界错误而存在。本地网络上的远程攻击者可利用该漏洞可以发送专门制作的数据包，触发内存损坏，并在目标系统上执行任意代码。该漏洞允许远程攻击者可利用该漏洞在目标系统上执行任意代码。

N/A

N/A