1. EXECUTIVE SUMMARY
- CVSS v4 9.3
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Schneider Electric
- Equipment: Wiser AvatarOn 6K Freelocate, Wiser Cuadro H 5P Socket
- Vulnerability: Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’)
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to inject code or bypass authentication.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following Schneider Electric products are affected:
- Wiser AvatarOn 6K Freelocate: All versions
- Wiser Cuadro H 5P Socket: All versions
3.2 VULNERABILITY OVERVIEW
3.2.1 Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’) CWE-120
Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’), Out-of-bounds Write, Download of Code Without Integrity Check vulnerability in Silicon Labs Gecko Bootloader on ARM (Firmware Update File Parser modules) allows Code Injection, Authentication Bypass. This issue affects “Standalone” and “Application” versions of Gecko Bootloader.
CVE-2023-4041 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
A CVSS v4 score has also been calculated for CVE-2023-4041. A base score of 9.3 has been calculated; the CVSS vector string is (AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N).