QwikSec

Security Database

CVE

CWE

Training

CVE-2014-9188

Published: Dec 27, 2014

Modified: Jul 24, 2025

PUBLISHED

Description

Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8513 and CVE-2014-8514. NOTE: this may be clarified later based on details provided by researchers.

Vendor	Product	Versions
Schneider Electric	ProClima	affected `0 - <= 6.0.1`

Weaknesses (CWE)

References

http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-344-01

x_refsource_CONFIRM

https://www.cisa.gov/news-events/ics-advisories/icsa-14-350-01

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.