A security misconfiguration vulnerability exists in Schneider Electric’s IGSS Mobile application versions 3.01 and prior in which a lack of certificate pinning during the TLS/SSL connection establishing process can result in a man-in-the-middle attack.
CPE | Name | Operator | Version |
---|---|---|---|
igss_mobile | le | 3.01 | |
igss_mobile | le | 3.01 |