CVE-2016-2291

Published: Apr 6, 2016Modified: May 6, 2026

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV before 4.05.000, PFXEXEDLS before 4.05.000, and PFXEXGRPLS before 4.05.000 allow remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.

Affected (4)

Products: Schneider Electric: Proface Gp Pro Ex Ex Ed, Proface Gp Pro Ex Pfxexedls, Proface Gp Pro Ex Pfxexedv, Proface Gp Pro Ex Pfxexgrpls

Schneider Electric

4 products

Proface Gp Pro Ex Ex Ed

Proface Gp Pro Ex Pfxexedls

Proface Gp Pro Ex Pfxexedv

Proface Gp Pro Ex Pfxexgrpls

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Schneider Electric Proface Gp Pro Ex Ex Ed	Up to 4.0.4
Schneider Electric Proface Gp Pro Ex Pfxexedls	Up to 4.0.4
Schneider Electric Proface Gp Pro Ex Pfxexedv	Up to 4.0.4
Schneider Electric Proface Gp Pro Ex Pfxexgrpls	Up to 4.0.4

Related CWEs

CWE-125

Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

References (2)

https://ics-cert.us-cert.gov/advisories/ICSA-16-096-01

Source: ics-cert@hq.dhs.gov

Third Party AdvisoryUS Government Resource

https://ics-cert.us-cert.gov/advisories/ICSA-16-096-01

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

Timeline

No history available yet.