CVE-2014-0774 - Vulnerability Details - OpenCVE

Stack-based buffer overflow in the C++ sample client in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 - 3.35, TLXCDSTOFS33 - 3.35, TLXCDLUOFS33 - 3.35, TLXCDLTOFS33 - 3.35, and TLXCDLFOFS33 - 3.35 allows local users to gain privileges via vectors involving a malformed configuration file.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Schneider-electric	Ofs Test Client Tlxcdlfofs33 Ofs Test Client Tlxcdltofs33 Ofs Test Client Tlxcdluofs33 Ofs Test Client Tlxcdstofs33 Ofs Test Client Tlxcdsuofs33 Opc Factory Server

Configuration 1 [-]

OR	cpe:2.3:a:schneider-electric:ofs_test_client_tlxcdlfofs33:3.35:::::::*
	cpe:2.3:a:schneider-electric:ofs_test_client_tlxcdltofs33:3.35:::::::*
	cpe:2.3:a:schneider-electric:ofs_test_client_tlxcdluofs33:3.35:::::::*
	cpe:2.3:a:schneider-electric:ofs_test_client_tlxcdstofs33:3.35:::::::*
	cpe:2.3:a:schneider-electric:ofs_test_client_tlxcdsuofs33:3.35:::::::*
	cpe:2.3:a:schneider-electric:opc_factory_server:3.35:::::::*

No data.

References

Link	Providers
http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-031-01
http://ics-cert.us-cert.gov/advisories/ICSA-14-058-02
http://www.securityfocus.com/bid/65871
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-031-01
https://www.cisa.gov/news-events/ics-advisories/icsa-14-058-02

History

Wed, 24 Sep 2025 21:30:00 +0000

Type	Values Removed	Values Added
Title		Schneider Electric OFS Stack Buffer Overflow
Weaknesses		CWE-121
References		https://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-031-01 https://www.cisa.gov/news-events/ics-advisories/icsa-14-058-02
Metrics	cvssV2_0 `{'score': 6.9, 'vector': 'AV:L/AC:M/Au:N/C:C/I:C/A:C'}`	cvssV2_0 `{'score': 6.8, 'vector': 'AV:L/AC:L/Au:S/C:C/I:C/A:C'}`

MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2014-02-28T02:00:00

Updated: 2025-09-24T21:10:10.144Z

Reserved: 2014-01-02T00:00:00

Link: CVE-2014-0774

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2014-02-28T06:18:54.277

Modified: 2025-09-24T22:15:34.533

Link: CVE-2014-0774

Redhat

No data.

{"containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "TLXCDSUOFS33", "vendor": "Schneider Electric", "versions": [{"status": "affected", "version": "V3.35"}]}, {"defaultStatus": "unaffected", "product": "TLXCDSTOFS33", "vendor": "Schneider Electric", "versions": [{"status": "affected", "version": "V3.35"}]}, {"defaultStatus": "unaffected", "product": "TLXCDLUOFS33", "vendor": "Schneider Electric", "versions": [{"status": "affected", "version": "V3.35"}]}, {"defaultStatus": "unaffected", "product": "TLXCDLTOFS33", "vendor": "Schneider Electric", "versions": [{"status": "affected", "version": "V3.35"}]}, {"defaultStatus": "unaffected", "product": "TLXCDLFOFS33", "vendor": "Schneider Electric", "versions": [{"status": "affected", "version": "V3.35"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Schneider Electric"}], "datePublic": "2014-02-27T07:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Stack-based buffer overflow in the C++ sample client in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 - 3.35, TLXCDSTOFS33 - 3.35, TLXCDLUOFS33 - 3.35, TLXCDLTOFS33 - 3.35, and TLXCDLFOFS33 - 3.35 allows local users to gain privileges via vectors involving a malformed configuration file.</p>"}], "value": "Stack-based buffer overflow in the C++ sample client in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 - 3.35, TLXCDSTOFS33 - 3.35, TLXCDLUOFS33 - 3.35, TLXCDLTOFS33 - 3.35, and TLXCDLFOFS33 - 3.35 allows local users to gain privileges via vectors involving a malformed configuration file."}], "metrics": [{"cvssV2_0": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 6.8, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-121", "description": "CWE-121", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2025-09-24T21:10:10.144Z"}, "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-058-02"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-031-01"}, {"name": "65871", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/65871"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Schneider Electric has a product upgrade as well as a workaround \nsolution \nthat mitigates this \nvulnerability. </p><p>Schneider Electric Security Notification SEVD \n2014-031-01,\u201dVulnerability Disclosure \u2013 OPC Factory Server V3.35,\u201d \n<a target=\"_blank\" rel=\"nofollow\" href=\"http://www.downloads.schneider-electric.com/?p_Conf=&p_localesFilter=&p_docTypeFilter=1555899,&p_docTypeGroupFilter=3541958\">http://www.downloads.schneider-electric.com/?p_Conf=&p_localesFilter=&p_docTypeFilter=155589...</a>   </p>\n<div>\n<p>The security announcements affecting the OPC Factory Server are available here:</p>\n<p><a target=\"_blank\" rel=\"nofollow\" href=\"http://www2.schneider-electric.com/sites/corporate/en/support/cybersecurity/cybersecurity.page\">http://www2.schneider-electric.com/sites/corporate/en/support/cybersecurity/cybersecurity.page</a></p></div>Schneider\n Electric recommends customers to upgrade to OFS v3.4 or later (Version \nv3.5 is currently available). Customers that cannot upgrade are directed\n to remove the demonstration client from affected computers, provided it\n is not required for operations.\n\n<br>"}], "value": "Schneider Electric has a product upgrade as well as a workaround \nsolution \nthat mitigates this \nvulnerability.\u00a0\n\nSchneider Electric Security Notification SEVD \n2014-031-01,\u201dVulnerability Disclosure \u2013 OPC Factory Server V3.35,\u201d \n http://www.downloads.schneider-electric.com/?p_Conf=&p_localesFilter=&p_docTypeFilter=155589... http://www.downloads.schneider-electric.com/ \u00a0 \u00a0\n\n\n\nThe security announcements affecting the OPC Factory Server are available here:\n\n\n http://www2.schneider-electric.com/sites/corporate/en/support/cybersecurity/cybersecurity.page \n\n\n\nSchneider\n Electric recommends customers to upgrade to OFS v3.4 or later (Version \nv3.5 is currently available). Customers that cannot upgrade are directed\n to remove the demonstration client from affected computers, provided it\n is not required for operations."}], "source": {"advisory": "ICSA-14-058-02", "discovery": "INTERNAL"}, "title": "Schneider Electric OFS Stack Buffer Overflow", "x_generator": {"engine": "Vulnogram 0.2.0"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "ics-cert@hq.dhs.gov", "ID": "CVE-2014-0774", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Stack-based buffer overflow in the C++ sample client in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 - 3.35, TLXCDSTOFS33 - 3.35, TLXCDLUOFS33 - 3.35, TLXCDLTOFS33 - 3.35, and TLXCDLFOFS33 - 3.35 allows local users to gain privileges via vectors involving a malformed configuration file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://ics-cert.us-cert.gov/advisories/ICSA-14-058-02", "refsource": "MISC", "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-058-02"}, {"name": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-031-01", "refsource": "CONFIRM", "url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-031-01"}, {"name": "65871", "refsource": "BID", "url": "http://www.securityfocus.com/bid/65871"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T09:27:19.467Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-058-02"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-031-01"}, {"name": "65871", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/65871"}]}]}, "cveMetadata": {"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2014-0774", "datePublished": "2014-02-28T02:00:00", "dateReserved": "2014-01-02T00:00:00", "dateUpdated": "2025-09-24T21:10:10.144Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:schneider-electric:ofs_test_client_tlxcdlfofs33:3.35:*:*:*:*:*:*:*", "matchCriteriaId": "36AB0685-A0FE-4465-8C9E-7C633AAE0584", "vulnerable": true}, {"criteria": "cpe:2.3:a:schneider-electric:ofs_test_client_tlxcdltofs33:3.35:*:*:*:*:*:*:*", "matchCriteriaId": "16B1D3C2-7A1B-403F-A2BE-01BAC2C01E74", "vulnerable": true}, {"criteria": "cpe:2.3:a:schneider-electric:ofs_test_client_tlxcdluofs33:3.35:*:*:*:*:*:*:*", "matchCriteriaId": "6B58EF88-D1BC-4858-A3DA-505D72EE46E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:schneider-electric:ofs_test_client_tlxcdstofs33:3.35:*:*:*:*:*:*:*", "matchCriteriaId": "06B8043C-3542-4B8F-82BE-E1E8A8E067F3", "vulnerable": true}, {"criteria": "cpe:2.3:a:schneider-electric:ofs_test_client_tlxcdsuofs33:3.35:*:*:*:*:*:*:*", "matchCriteriaId": "1EF80DC0-7948-4E95-B090-14CC482B9DE5", "vulnerable": true}, {"criteria": "cpe:2.3:a:schneider-electric:opc_factory_server:3.35:*:*:*:*:*:*:*", "matchCriteriaId": "F8874360-6B9A-40C3-A95F-8FD18F73244D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in the C++ sample client in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 - 3.35, TLXCDSTOFS33 - 3.35, TLXCDLUOFS33 - 3.35, TLXCDLTOFS33 - 3.35, and TLXCDLFOFS33 - 3.35 allows local users to gain privileges via vectors involving a malformed configuration file."}, {"lang": "es", "value": "Desbordamiento de buffer basado en pila en el cliente C++ de ejemplo en Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 - 3.35, TLXCDSTOFS33 - 3.35, TLXCDLUOFS33 - 3.35, TLXCDLTOFS33 - 3.35 y TLXCDLFOFS33 - 3.35 permite a usuarios locales ganar privilegios a trav\u00e9s de vectores involucrando un archivo de configuraci\u00f3n malformado."}], "id": "CVE-2014-0774", "lastModified": "2025-09-24T22:15:34.533", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 6.8, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.1, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "ics-cert@hq.dhs.gov", "type": "Secondary", "userInteractionRequired": true}, {"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2014-02-28T06:18:54.277", "references": [{"source": "ics-cert@hq.dhs.gov", "url": "http://www.securityfocus.com/bid/65871"}, {"source": "ics-cert@hq.dhs.gov", "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-031-01"}, {"source": "ics-cert@hq.dhs.gov", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-058-02"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-031-01"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-058-02"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/65871"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-121"}], "source": "ics-cert@hq.dhs.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Secondary"}]}