CVE-2014-8514
Severity CVSS v4.0:
Pending analysis
Type:
CWE-119
Buffer Errors
Publication date:
27/12/2014
Last modified:
12/04/2025
Description
Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8513 and CVE-2014-9188. NOTE: this may be clarified later based on details provided by researchers.
Impact
Base Score 2.0
7.50
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:schneider_electric:proclima:*:*:*:*:*:*:*:* | 6.0.1 (including) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-344-01
- http://www.securityfocus.com/bid/71710
- https://ics-cert.us-cert.gov/advisories/ICSA-14-350-01
- http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-344-01
- http://www.securityfocus.com/bid/71710
- https://ics-cert.us-cert.gov/advisories/ICSA-14-350-01