CVE-2023-29414

HIGH

Schneider Electric Accutech Manager < 2.7 - Local Privilege Escalation via Buffer Overflow

Title source: llm
STIX 2.1

Description

A CWE-120: Buffer Copy without Checking Size of Input (Classic Buffer Overflow) vulnerability exists that could cause user privilege escalation if a local user sends specific string input to a local function call.

Scores

CVSS v3 7.8
EPSS 0.0018
EPSS Percentile 8.0%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-120
Status published
Products (1)
schneider-electric/accutech_manager < 2.7
Published Jul 12, 2023
Tracked Since Feb 18, 2026