Schneider Electric OFS Stack Buffer Overflow
Summary
| CVE | CVE-2014-0774 |
|---|---|
| State | PUBLISHED |
| Assigner | icscert |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2014-02-28 06:18:54 UTC |
| Updated | 2026-04-29 01:13:23 UTC |
| Description | Stack-based buffer overflow in the C++ sample client in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 - 3.35, TLXCDSTOFS33 - 3.35, TLXCDLUOFS33 - 3.35, TLXCDLTOFS33 - 3.35, and TLXCDLFOFS33 - 3.35 allows local users to gain privileges via vectors involving a malformed configuration file. |
Risk And Classification
Primary CVSS: v2.0 6.9 from [email protected]
AV:L/AC:M/Au:N/C:C/I:C/A:C
EPSS: 0.000630000 probability, percentile 0.191880000 (date 2026-05-05)
Problem Types: CWE-121 | CWE-119
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 2.0 | [email protected] | Primary | 6.9 | | AV:L/AC:M/Au:N/C:C/I:C/A:C |
| 2.0 | [email protected] | Secondary | 6.8 | | AV:L/AC:L/Au:S/C:C/I:C/A:C |
| 2.0 | CNA | CVSS | 6.8 | | AV:L/AC:L/Au:S/C:C/I:C/A:C |
CVSS v2.0 Breakdown
AV:L/AC:M/Au:N/C:C/I:C/A:C
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Schneider-electric | Ofs Test Client Tlxcdlfofs33 | 3.35 | All | All | All |
| Application | Schneider-electric | Ofs Test Client Tlxcdltofs33 | 3.35 | All | All | All |
| Application | Schneider-electric | Ofs Test Client Tlxcdluofs33 | 3.35 | All | All | All |
| Application | Schneider-electric | Ofs Test Client Tlxcdstofs33 | 3.35 | All | All | All |
| Application | Schneider-electric | Ofs Test Client Tlxcdsuofs33 | 3.35 | All | All | All |
| Application | Schneider-electric | Opc Factory Server | 3.35 | All | All | All |
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | Schneider Electric | TLXCDSUOFS33 | affected V3.35 | Not specified |
| CNA | Schneider Electric | TLXCDSTOFS33 | affected V3.35 | Not specified |
| CNA | Schneider Electric | TLXCDLUOFS33 | affected V3.35 | Not specified |
| CNA | Schneider Electric | TLXCDLTOFS33 | affected V3.35 | Not specified |
| CNA | Schneider Electric | TLXCDLFOFS33 | affected V3.35 | Not specified |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| www.cisa.gov/news-events/ics-advisories/icsa-14-058-02 | [email protected] | www.cisa.gov | |
| Schneider Electric OPC Factory Server Local Stack Buffer Overflow Vulnerability | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | |
| download.schneider-electric.com/files | [email protected] | download.schneider-electric.com | |
| download.schneider-electric.com/files | af854a3a-2127-422b-91ae-364da2661108 | download.schneider-electric.com | Vendor Advisory |
| Schneider Electric OFS Buffer Overflow Vulnerability \| ICS-CERT | af854a3a-2127-422b-91ae-364da2661108 | ics-cert.us-cert.gov | Third Party Advisory, US Government Resource |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
Discovery Credit
CNA: Schneider Electric (en)
Additional Advisory Data
Solutions
CNA: Schneider Electric has a product upgrade as well as a workaround solution that mitigates this vulnerability.

Schneider Electric Security Notification SEVD 2014-031-01, “Vulnerability Disclosure – OPC Factory Server V3.35,” http://www.downloads.schneider-electric.com/?p_Conf=&p_localesFilter=&p_docTypeFilter=155589... http://www.downloads.schneider-electric.com/

The security announcements affecting the OPC Factory Server are available here: http://www2.schneider-electric.com/sites/corporate/en/support/cybersecurity/cybersecurity.page

Schneider Electric recommends that customers upgrade to OFS v3.4 or later (Version v3.5 is currently available). Customers that cannot upgrade are directed to remove the demonstration client from affected computers, provided it is not required for operations.