{"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"Floating License Manager","vendor":"Schneider Electric","versions":[{"lessThanOrEqual":"V1.4.0","status":"affected","version":"V1.0.0","versionType":"custom"}]}],"datePublic":"2014-02-27T07:00:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<p>Unquoted Windows search path vulnerability in Schneider Electric Floating License Manager 1.0.0 through 1.4.0 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character.</p>"}],"value":"Unquoted Windows search path vulnerability in Schneider Electric Floating License Manager 1.0.0 through 1.4.0 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character."}],"metrics":[{"cvssV2_0":{"accessComplexity":"MEDIUM","accessVector":"LOCAL","authentication":"NONE","availabilityImpact":"COMPLETE","baseScore":6.9,"confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","vectorString":"AV:L/AC:M/Au:N/C:C/I:C/A:C","version":"2.0"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-428","description":"CWE-428","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6","shortName":"icscert","dateUpdated":"2025-09-19T18:52:00.207Z"},"references":[{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-14-058-01"},{"tags":["x_refsource_CONFIRM"],"url":"http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-015-01"}],"solutions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<p>Deployment of the Schneider Electric products using the vulnerable \nfloating license manager are designed to be automatically updated via \nthe Schneider Electric Software Update system.</p>\n<p>Schneider Electric’s latest download patches and known vulnerabilities are available here:</p>\n<p><a target=\"_blank\" rel=\"nofollow\" href=\"http://www2.schneider-electric.com/sites/corporate/en/support/cybersecurity/cybersecurity.page\">http://www2.schneider-electric.com/sites/corporate/en/support/cybersecurity/cybersecurity.page</a></p>\n\n<br>"}],"value":"Deployment of the Schneider Electric products using the vulnerable \nfloating license manager are designed to be automatically updated via \nthe Schneider Electric Software Update system.\n\n\nSchneider Electric’s latest download patches and known vulnerabilities are available here:\n\n\n http://www2.schneider-electric.com/sites/corporate/en/support/cybersecurity/cybersecurity.page"}],"source":{"advisory":"ICSA-14-058-01","discovery":"INTERNAL"},"title":"Schneider Electric Floating License Manager Unquoted Search Path or Element","x_generator":{"engine":"Vulnogram 0.2.0"},"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"ics-cert@hq.dhs.gov","ID":"CVE-2014-0759","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Unquoted Windows search path vulnerability in Schneider Electric Floating License Manager 1.0.0 through 1.4.0 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"http://ics-cert.us-cert.gov/advisories/ICSA-14-058-01","refsource":"MISC","url":"http://ics-cert.us-cert.gov/advisories/ICSA-14-058-01"},{"name":"http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-015-01","refsource":"CONFIRM","url":"http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-015-01"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-06T09:27:19.486Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"http://ics-cert.us-cert.gov/advisories/ICSA-14-058-01"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-015-01"}]}]},"cveMetadata":{"assignerOrgId":"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6","assignerShortName":"icscert","cveId":"CVE-2014-0759","datePublished":"2014-02-28T02:00:00.000Z","dateReserved":"2014-01-02T00:00:00.000Z","dateUpdated":"2025-09-19T18:52:00.207Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}