151 matches found
Schneider Electric IGSS Data Server Code Issue Vulnerability
Schneider Electric IGSS Data Server is a data server for the interactive graphical Scada system from Schneider Electric France. A code issue vulnerability exists in Schneider Electric IGSS Data Server, which can be exploited by attackers to cause remote code execution...
Schneider Electric IGSS Data Server Access Control Error Vulnerability (CNVD-2023-29375)
Schneider Electric IGSS Data Server is a data server for the interactive graphical Scada system from Schneider Electric France. An access control error vulnerability exists in Schneider Electric IGSS Data Server, which could be exploited by an attacker to create malicious report files in the IGSS...
Schneider Electric IGSS Data Server Input Validation Error Vulnerability
Schneider Electric IGSS Data Server is a data server for the interactive graphical Scada system from Schneider Electric France. Schneider Electric IGSS Data Server is vulnerable to an input validation error, which could be exploited by an attacker to cause remote code execution...
The vulnerability of the SCADA system’s data server, IGSS Data Server, allows a intruder to execute arbitrary code.
The vulnerability of the IGSS Data Server SCADA system’s data server is related to the lack of authentication for critical functions. Exploiting this vulnerability allows a malicious actor to execute arbitrary codes remotely...
PT-2023-1870 · Unknown · Igss Dashboard +2
Name of the Vulnerable Software and Affected Versions: IGSS Data Server versions V16.0.0.23040 and prior IGSS Dashboard versions V16.0.0.23040 and prior Custom Reports versions V16.0.0.23040 and prior Description: The issue is related to insufficient verification of data authenticity, which could...
PT-2023-1688 · Unknown · Igss Dashboard +2
Name of the Vulnerable Software and Affected Versions: IGSS Data Server versions 16.0.0.23040 and prior IGSS Dashboard versions 16.0.0.23040 and prior Custom Reports versions 16.0.0.23040 and prior Description: A Missing Authentication for Critical Function issue exists in the Data Server TCP...
PT-2023-1871 · Unknown · Igss Dashboard +2
Name of the Vulnerable Software and Affected Versions: IGSS Data Server versions 16.0.0.23040 and prior IGSS Dashboard versions 16.0.0.23040 and prior Custom Reports versions 16.0.0.23040 and prior Description: The issue exists due to insufficient input validation in the Custom Reports component ...
PT-2023-1873 · Unknown · Igss Dashboard +2
Name of the Vulnerable Software and Affected Versions: IGSS Data Server versions 16.0.0.23040 and prior IGSS Dashboard versions 16.0.0.23040 and prior Custom Reports versions 16.0.0.23040 and prior Description: A Deserialization of Untrusted Data issue exists in the Dashboard module, potentially...
PT-2023-1874 · Unknown · Igss Dashboard +2
Name of the Vulnerable Software and Affected Versions: IGSS Data Server versions V16.0.0.23040 and prior IGSS Dashboard versions V16.0.0.23040 and prior Custom Reports versions V16.0.0.23040 and prior Description: The issue is related to the absence of authentication for a critical function in th...
PT-2023-1855 · Unknown · Igss Dashboard +2
Name of the Vulnerable Software and Affected Versions: IGSS Data Server versions 16.0.0.23040 and prior IGSS Dashboard versions 16.0.0.23040 and prior Custom Reports versions 16.0.0.23040 and prior Description: A vulnerability exists in Custom Reports due to improper limitation of a pathname to a...
Schneider Electric IGSS Data Server Integer Overflow Vulnerability
Schneider Electric IGSS Data Server is a data server for the interactive graphical Scada system from Schneider Electric France. An integer overflow vulnerability exists in Schneider Electric IGSS Data Server, which could be exploited by an attacker to submit special requests that could crash the...
CVE-2022-2329
A CWE-190: Integer Overflow or Wraparound vulnerability exists that could cause heap-based buffer overflow, leading to denial of service and potentially remote code execution when an attacker sends multiple specially crafted messages. Affected Products: IGSS Data Server - IGSSdataServer.exe...
CVE-2022-24324
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Products: IGSS Data Server - IGSSdataServer.exe Versions prior to...
CVE-2022-24324
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Products: IGSS Data Server - IGSSdataServer.exe Versions prior to...
CVE-2022-2329
A CWE-190: Integer Overflow or Wraparound vulnerability exists that could cause heap-based buffer overflow, leading to denial of service and potentially remote code execution when an attacker sends multiple specially crafted messages. Affected Products: IGSS Data Server - IGSSdataServer.exe...
Integer overflow
A CWE-190: Integer Overflow or Wraparound vulnerability exists that could cause heap-based buffer overflow, leading to denial of service and potentially remote code execution when an attacker sends multiple specially crafted messages. Affected Products: IGSS Data Server - IGSSdataServer.exe...
Stack overflow
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Products: IGSS Data Server - IGSSdataServer.exe Versions prior to...
CVE-2022-2329
A CWE-190: Integer Overflow or Wraparound vulnerability exists that could cause heap-based buffer overflow, leading to denial of service and potentially remote code execution when an attacker sends multiple specially crafted messages. Affected Products: IGSS Data Server - IGSSdataServer.exe...
CVE-2022-2329
A CWE-190: Integer Overflow or Wraparound vulnerability exists that could cause heap-based buffer overflow, leading to denial of service and potentially remote code execution when an attacker sends multiple specially crafted messages. Affected Products: IGSS Data Server - IGSSdataServer.exe...
CVE-2022-24324
CVE-2022-24324 affects Schneider Electric IGSS Data Server (IGSSdataServer.exe) prior to v15.0.0.22073. Root cause is a CWE-120 buffer copy without checking input size, leading to a stack-based buffer overflow and potential remote code execution when a specially crafted message is received. Affec...