Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:59 a.m.5 views

CVE-2020-7478

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory exists in IGSS Versions 14 and prior using the service: IGSSupdate, which could allow a remote unauthenticated attacker to read arbitrary files from the IGSS server PC on an unrestricted or shared network when the IGSS Update...

7.5CVSS7.1AI score0.03966EPSS
Exploits0References1
ICS
ICS
added 2020/03/24 12:0 a.m.89 views

Schneider Electric IGSS SCADA Software

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: IGSS Interactive Graphical SCADA System Vulnerabilities: Path Traversal, Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of...

7.8CVSS8.5AI score0.03966EPSS
Exploits0References5
NVD
NVD
added 2020/03/23 8:15 p.m.32 views

CVE-2020-7478

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory exists in IGSS Versions 14 and prior using the service: IGSSupdate, which could allow a remote unauthenticated attacker to read arbitrary files from the IGSS server PC on an unrestricted or shared network when the IGSS Update...

7.5CVSS7.5AI score0.03966EPSS
Exploits0References2
CVE
CVE
added 2020/03/23 7:17 p.m.64 views

CVE-2020-7478

CVE-2020-7478 is a directory traversal vulnerability in Schneider Electric IGSS IGSSupdateservice (versions 14 and prior, using the IGSSupdate service). The flaw allows a remote unauthenticated attacker to read arbitrary files on the IGSS server over the network when the update service is enabled...

7.5CVSS7.5AI score0.03966EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder