CVE Record: CVE-2024-10083

Required CVE Record Information

Description

CWE-20: Improper Input Validation vulnerability exists that could cause denial of service of engineering workstation when specific driver interface is invoked locally by an authenticated user with crafted input.

CWE 1 Total

Learn more

CWE-20: CWE-20 Improper Input Validation

CVSS 2 Total

Learn more

Score	Severity	Version	Vector String
6.8	MEDIUM	4.0	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
5.5	MEDIUM	3.1	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Product Status

Learn more

Versions 1 Total

Default Status: unaffected

affected

Versions 1 Total

Default Status: unaffected

affected

Versions 1 Total

Default Status: unaffected

affected

Versions 1 Total

Default Status: unaffected

affected

Versions 1 Total

Default Status: unaffected

affected

References 1 Total

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-042-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2025-042-02.pdf
external site

Authorized Data Publishers

Learn more

Common vulnerabilities and Exposures (CVE)

Required CVE Record Information

CNA: Schneider Electric SE

Description

CWE 1 Total

CVSS 2 Total

Product Status

References 1 Total

Authorized Data Publishers

CISA-ADP