4 matches found
CVE-2020-7479
A CWE-306: Missing Authentication for Critical Function vulnerability exists in IGSS Versions 14 and prior using the service: IGSSupdate, which could allow a local user to execute processes that otherwise require escalation privileges when sending local network commands to the IGSS Update Service...
Schneider Electric IGSS SCADA Software
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: IGSS Interactive Graphical SCADA System Vulnerabilities: Path Traversal, Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of...
CVE-2020-7479
A CWE-306: Missing Authentication for Critical Function vulnerability exists in IGSS Versions 14 and prior using the service: IGSSupdate, which could allow a local user to execute processes that otherwise require escalation privileges when sending local network commands to the IGSS Update Service...
CVE-2020-7479
Schneider Electric IGSS (Interactive Graphical SCADA System) IGSSupdate service versions 14 and prior are affected by CVE-2020-7479 (Missing Authentication for Critical Function). The vulnerability enables a local user to execute processes requiring elevated privileges when sending local network ...