CVE-2017-9962

Schneider Electric's ClearSCADA versions released prior to August 2017 are susceptible to a memory allocation vulnerability, whereby malformed requests can be sent to ClearSCADA client applications to cause unexpected behavior. Client applications affected include ViewX and the Server Icon.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
schneiderCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 60%
VendorProductVersion
avevaclearscada
𝑥
≤ 2010
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.schneider-electric.com/en/download/document/SEVD-2017-264-01/
http://www.schneider-electric.com/en/download/document/SEVD-2017-264-01/