EUVD-2023-31707

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

CWE-22 vulnerability in Custom Reports may allow remote code execution via malicious reports opening.

Reporter	Title	Published	Views	Family All 13
Circl	CVE-2023-27981	21 Mar 202313:34	–	circl
CNNVD	Schneider Electric IGSS Data Server 路径遍历漏洞	21 Mar 202300:00	–	cnnvd
CNVD	Schneider Electric IGSS Data Server Path Traversal Vulnerability	20 Mar 202300:00	–	cnvd
CVE	CVE-2023-27981	21 Mar 202300:00	–	cve
Cvelist	CVE-2023-27981	21 Mar 202300:00	–	cvelist
ICS	Schneider Electric IGSS	3 Apr 202319:38	–	ics
NVD	CVE-2023-27981	21 Mar 202310:15	–	nvd
OSV	CVE-2023-27981	21 Mar 202310:15	–	osv
Prion	Design/Logic Flaw	21 Mar 202310:15	–	prion
Positive Technologies	PT-2023-1855 · Unknown · Igss Dashboard +2	14 Mar 202300:00	–	ptsecurity

[
  {
    "enisaIdVendor": [
      {
        "id": "ae28a060-9951-34e3-aa6a-cade2fd670d6",
        "vendor": {
          "name": "Schneider Electric"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "783ad5ff-3c8e-372b-be46-d85fe70a0f88",
        "product": {
          "name": "IGSS Data Server(IGSSdataServer.exe)"
        },
        "product_version": "V ≤16.0.0.23040"
      },
      {
        "id": "df8765b9-10da-3400-aa75-b4a38e4e22e4",
        "product": {
          "name": "Custom Reports (RMS16.dll)"
        },
        "product_version": "V ≤16.0.0.23040"
      },
      {
        "id": "e957a3e0-bb71-30ca-9223-f5146c5802f5",
        "product": {
          "name": "IGSS Dashboard (DashBoard.exe)"
        },
        "product_version": "V ≤16.0.0.23040"
      }
    ]
  }
]

Source	Link
download	www.download.schneider-electric.com/files

03 Oct 2025 20:07Current

8.6High risk

Vulners AI Score8.6

CVSS 3.17.8 - 8.8

EPSS0.00732

SSVC

vulnerability path traversal remote code execution custom reports igss data server igss dashboard