Vulnerabilities > Emerson > Ovation Ocr400 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-28 | CVE-2019-10967 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Emerson Ovation Ocr400 Firmware In Emerson Ovation OCR400 Controller 3.3.1 and earlier, a stack-based buffer overflow vulnerability in the embedded third-party FTP server involves improper handling of a long file name from the LIST command to the FTP service, which may cause the service to overwrite buffers, leading to remote code execution and escalation of privileges. | 6.5 |
| 2019-05-28 | CVE-2019-10965 | Out-of-bounds Write vulnerability in Emerson Ovation Ocr400 Firmware 3.3.1 In Emerson Ovation OCR400 Controller 3.3.1 and earlier, a heap-based buffer overflow vulnerability in the embedded third-party FTP server involves improper handling of a long command to the FTP service, which may cause memory corruption that halts the controller or leads to remote code execution and escalation of privileges. | 8.8 |