CVE-2016-8374
HIGHSchneider Electric Magelis HMI - Denial of Service via Uncontrolled Resource Consumption
Title source: llmDescription
An issue was discovered in Schneider Electric Magelis HMI Magelis GTO Advanced Optimum Panels, all versions, Magelis GTU Universal Panel, all versions, Magelis STO5xx and STU Small panels, all versions, Magelis XBT GH Advanced Hand-held Panels, all versions, Magelis XBT GK Advanced Touchscreen Panels with Keyboard, all versions, Magelis XBT GT Advanced Touchscreen Panels, all versions, and Magelis XBT GTW Advanced Open Touchscreen Panels (Windows XPe). An attacker may be able to disrupt a targeted web server, resulting in a denial of service because of UNCONTROLLED RESOURCE CONSUMPTION.
References (2)
Core 2
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-16-308-02
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/94093
Scores
CVSS v3
7.5
EPSS
0.0053
EPSS Percentile
67.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-400
Status
published
Products (9)
n/a/Schneider Electric Magelis HMI
Schneider Electric Magelis HMI
schneider-electric/magelis_gto_advanced_optimum_panel_firmware
schneider-electric/magelis_gtu_universal_panel_firmware
schneider-electric/magelis_sto5_small_panel_firmware
schneider-electric/magelis_stu_small_panel_firmware
schneider-electric/magelis_xbt_gh_advanced_hand-held_panel_firmware
schneider-electric/magelis_xbt_gk_advanced_touchscreen_panel_with_keyboard_firmware
schneider-electric/magelis_xbt_gt_advanced_touchscreen_panel_firmware
schneider-electric/magelis_xbt_gtw_advanced_open_touchscreen_panel_firmware
Published
Feb 13, 2017
Tracked Since
Feb 18, 2026