CVE-2014-9190
Schneider Electric Wonderware InTouch Access Anywhere Server <11.0 ...
Title source: llmDescription
Stack-based buffer overflow in Schneider Electric Wonderware InTouch Access Anywhere Server 10.6 and 11.0 allows remote attackers to execute arbitrary code via a request for a filename that does not exist.
References (3)
Core 3
Core References
Various Sources x_refsource_confirm
https://wdnresource.wonderware.com/support/docs/_SecurityBulletins/Security_Bulletin_LFSEC00000104.pdf
Third Party Advisory, US Government Resource x_refsource_misc
https://www.cisa.gov/news-events/ics-advisories/icsa-15-008-02
Third Party Advisory, US Government Resource
https://ics-cert.us-cert.gov/advisories/ICSA-15-008-02
Scores
EPSS
0.0638
EPSS Percentile
91.1%
Details
CWE
CWE-119
CWE-121
Status
published
Products (4)
Schneider Electric/InTouch Access Anywhere Server
10.6
Schneider Electric/InTouch Access Anywhere Server
11.0
schneider-electric/wonderware_intouch_access_anywhere_server
10.6
schneider-electric/wonderware_intouch_access_anywhere_server
11.0
Published
Jan 10, 2015
Tracked Since
Feb 18, 2026