CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

BDU FSTEC•added 2023/03/23 12:0 a.m.•5 views

The vulnerability lies in the executable file IGSSdataServer.exe of the SCADA system’s data server, IGSS Data Server, as well as the executable file DashBoard.exe of the IGSS Dashboard. Additionally, the RMS16.dll library from the report module Custom Reports allows a hacker to delete these files from the report folder.

The vulnerability of the IGSSdataServer.exe executable file of the SCADA system’s data server, the DashBoard.exe executable file of the IGSS Dashboard, and the RMS16.dll library of the report module Custom Reports is related to insufficient verification of data authenticity. Exploiting this...

6.5CVSS6.4AI score0.00243EPSS

Exploits0References5Affected Software3

Prion•added 2023/03/21 11:15 a.m.•17 views

Input validation

A CWE-20: Improper Input Validation vulnerability exists in Custom Reports that could cause a macro to be executed, potentially leading to remote code execution when a user opens a malicious report file planted by an attacker. Affected Products: IGSS Data ServerIGSSdataServer.exeV16.0.0.23040 and...

6.8CVSS8.9AI score0.00609EPSS

Exploits0References1Affected Software3

NVD•added 2023/03/21 10:15 a.m.•16 views

CVE-2023-27981

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists in Custom Reports that could cause a remote code execution when a victim tries to open a malicious report. Affected Products: IGSS Data ServerIGSSdataServer.exeV16.0.0.23040 and prior, IGSS...

8.8CVSS8.5AI score0.00725EPSS

Exploits0References1

Prion•added 2023/03/21 10:15 a.m.•16 views

Design/Logic Flaw

6.8CVSS8.8AI score0.00725EPSS

Exploits0References1Affected Software3