CVE-2014-0789

Schneider-electric Opc Factory Server Tlxcdlfofs - Memory Corruption

Title source: rule

Description

Multiple buffer overflows in the OPC Automation 2.0 Server Object ActiveX control in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 3.5 and earlier, TLXCDSTOFS33 3.5 and earlier, TLXCDLUOFS33 3.5 and earlier, TLXCDLTOFS33 3.5 and earlier, and TLXCDLFOFS33 3.5 and earlier allow remote attackers to cause a denial of service via long arguments to unspecified functions.

References (4)

Core 4

Core References

US Government Resource

http://ics-cert.us-cert.gov/advisories/ICSA-14-093-01

Various Sources

http://www2.schneider-electric.com/sites/corporate/en/support/cybersecurity/cybersecurity.page

Third Party Advisory, US Government Resource

https://www.cisa.gov/news-events/ics-advisories/icsa-14-093-01

Vendor Advisory x_refsource_confirm

http://www.schneider-electric.com/corporate/en/support/cybersecurity/viewer-news.page?c_filepath=/templatedata/Content/News/data/en/local/cybersecurity/general_information/2014/03/20140325_vulnerability_disclosure_opc_factory_server.xml

Scores

EPSS 0.0105

EPSS Percentile 77.7%

Details

CWE

CWE-119 CWE-122

Status published

Products (10)

Schneider Electric/OPC Factory Server (OFS) < TLXCDLFOFS33 – V3.5

Schneider Electric/OPC Factory Server (OFS) < TLXCDLTOFS33 – V3.5

Schneider Electric/OPC Factory Server (OFS) < TLXCDLUOFS33 – V3.5

Schneider Electric/OPC Factory Server (OFS) < TLXCDSTOFS33 – V3.5

Schneider Electric/OPC Factory Server (OFS) < TLXCDSUOFS33 – V3.5

schneider-electric/opc_factory_server_tlxcdlfofs < 3.35

schneider-electric/opc_factory_server_tlxcdltofs < 3.35

schneider-electric/opc_factory_server_tlxcdluofs < 3.35

schneider-electric/opc_factory_server_tlxcdstofs < 3.35

schneider-electric/opc_factory_server_tlxcdsuofs < 3.35

Published Apr 04, 2014

Tracked Since Feb 18, 2026