CVE-2020-7557

🗓️ 19 Nov 2020 21:08:14Reported by schneiderType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 49 Views

Out-of-bounds Read in IGSS Definition v14.0.0.20247 allows Remote Code Execution via malicious CGF fil

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2020-7557	20 Nov 202000:41	–	circl
CNNVD	Schneider Electric Interactive Graphical SCADA System Buffer Error Vulnerability	17 Nov 202000:00	–	cnnvd
Cvelist	CVE-2020-7557	19 Nov 202021:08	–	cvelist
EUVD	EUVD-2020-28682	7 Oct 202500:30	–	euvd
ICS	Schneider Electric Interactive Graphical SCADA System (IGSS)	17 Nov 202000:00	–	ics
NVD	CVE-2020-7557	19 Nov 202022:15	–	nvd
Prion	Out-of-bounds	19 Nov 202022:15	–	prion
RedhatCVE	CVE-2020-7557	9 Jan 202609:58	–	redhatcve
Zero Day Initiative	Schneider Electric IGSS CGF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability	29 Jan 202100:00	–	zdi

NVD

Node

schneider-electric interactive_graphical_scada_systemRange≤14.0.0.20247

[
  {
    "product": "IGSS Definition (Def.exe) version 14.0.0.20247 and prior",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "IGSS Definition (Def.exe) version 14.0.0.20247 and prior"
      }
    ]
  }
]

Source	Link
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-21-096/
se	www.se.com/ww/en/download/document/SEVD-2020-315-03/

21 Nov 2024 05:37Current

7.7High risk

Vulners AI Score7.7

CVSS 26.8

CVSS 3.17.8

EPSS0.0066

CWE-125