2 matches found
CVE-2021-22757
A CWE-125: Out-of-bounds read vulnerability exists inIGSS Definition Def.exe V15.0.0.21140 and prior that could result in disclosure of information or remote code execution due to lack of sanity checks on user-supplied input data, when a malicious CGF file is imported to IGSS Definition...
CVE-2021-22757
The connected Red Hat and Schneider Electric disclosures confirm CVE-2021-22757 affects Schneider Electric IGSS Definition (Def.exe) versions 15.0.0.21140 and earlier. The root cause is an out-of-bounds read (CWE-125) stemming from insufficient input validation when importing a malicious CGF file...