CVE-2014-0789
Schneider Electric OPC Factory Server < 3.5 - Denial of Service via Long Arguments
Title source: llmDescription
Multiple buffer overflows in the OPC Automation 2.0 Server Object ActiveX control in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 3.5 and earlier, TLXCDSTOFS33 3.5 and earlier, TLXCDLUOFS33 3.5 and earlier, TLXCDLTOFS33 3.5 and earlier, and TLXCDLFOFS33 3.5 and earlier allow remote attackers to cause a denial of service via long arguments to unspecified functions.
References (4)
Core 4
Core References
US Government Resource
http://ics-cert.us-cert.gov/advisories/ICSA-14-093-01
Various Sources
http://www2.schneider-electric.com/sites/corporate/en/support/cybersecurity/cybersecurity.page
Third Party Advisory, US Government Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-14-093-01
Scores
EPSS
0.0247
EPSS Percentile
82.5%
Details
CWE
CWE-119
CWE-122
Status
published
Products (10)
Schneider Electric/OPC Factory Server (OFS)
< TLXCDLFOFS33 – V3.5
Schneider Electric/OPC Factory Server (OFS)
< TLXCDLTOFS33 – V3.5
Schneider Electric/OPC Factory Server (OFS)
< TLXCDLUOFS33 – V3.5
Schneider Electric/OPC Factory Server (OFS)
< TLXCDSTOFS33 – V3.5
Schneider Electric/OPC Factory Server (OFS)
< TLXCDSUOFS33 – V3.5
schneider-electric/opc_factory_server_tlxcdlfofs
< 3.35
schneider-electric/opc_factory_server_tlxcdltofs
< 3.35
schneider-electric/opc_factory_server_tlxcdluofs
< 3.35
schneider-electric/opc_factory_server_tlxcdstofs
< 3.35
schneider-electric/opc_factory_server_tlxcdsuofs
< 3.35
Published
Apr 04, 2014
Tracked Since
Feb 18, 2026