First published: Wed Aug 09 2023(Updated: )
A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause memory corruption when an authenticated user opens a tampered log file from GP-Pro EX.
Credit: cybersecurity@se.com cybersecurity@se.com
Affected Software | Affected Version | How to fix |
---|---|---|
Schneider-electric Pro-face Gp-pro Ex | <4.09.500 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2023-3953 is medium with a severity value of 5.3.
The CWE ID of CVE-2023-3953 is 119.
The Schneider-electric Pro-face Gp-pro Ex software version up to 4.09.500 is affected by CVE-2023-3953.
An authenticated user can trigger the memory corruption vulnerability in CVE-2023-3953 by opening a tampered log file from GP-Pro EX.
You can find more information about CVE-2023-3953 in the security and safety notice document provided by Schneider Electric.