CVE-2020-7558

A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition Def.exe version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF Configuration Group File file is imported to IGSS Definition...

CVE-2021-22750

A CWE-787: Out-of-bounds write vulnerability exists inIGSS Definition Def.exe V15.0.0.21041 and prior that could result in loss of data or remote code execution due to missing length checks, when a malicious CGF file is imported to IGSS Definition...

CVE-2021-22757

The connected Red Hat and Schneider Electric disclosures confirm CVE-2021-22757 affects Schneider Electric IGSS Definition (Def.exe) versions 15.0.0.21140 and earlier. The root cause is an out-of-bounds read (CWE-125) stemming from insufficient input validation when importing a malicious CGF file...

CVE-2021-22753

The CVE-2021-22753 vulnerability affects Schneider Electric IGSS Definition (Def.exe) v15.0.0.21140 and earlier, caused by missing length checks when parsing malicious WSP files, leading to a CWE-125 out-of-bounds read that could result in data loss or remote code execution. Schneider Electric fi...

CVE-2021-22752

CVE-2021-22752 concerns Schneider Electric IGSS Definition (Def.exe) up to v15.0.0.21140. It is a CWE-787 out-of-bounds write vulnerability arising from missing size checks while parsing WSP files, potentially enabling data loss or remote code execution in affected IGSS Definition. The NVD and mu...

CVE-2021-22761

The CVE-2021-22761 entry applies to Schneider Electric IGSS Definition (Def.exe) versions 15.0.0.21140 and earlier. The root cause is missing length checks when parsing a malicious CGF file, leading to out-of-bounds/memory corruption that can disclose information or enable remote code execution. ...

CVE-2021-22754

CVE-2021-22754 is an out-of-bounds write vulnerability in Schneider Electric’s IGSS Definition (Def.exe) up to version 15.0.0.21140. The issue arises from insufficient validation during parsing/import of a malicious CGF file, potentially leading to data loss or remote code execution. Red Hat and ...

CVE-2021-22759

CVE-2021-22759 is a use-after-free vulnerability (CWE-416) in Schneider Electric IGSS Definition (Def.exe) up to version 15.0.0.21140. The Red Hat and NVD/NVD-sourced materials describe that unchecked input data when importing a malicious CGF file into IGSS Definition can lead to data loss or rem...

CVE-2021-22760

CVE-2021-22760 affects Schneider Electric IGSS Definition (Def.exe) v15.0.0.21140 and earlier, with a CWE-763 release of invalid pointer or reference due to missing checks of user-supplied input when importing a malicious CGF file. Impact could include data loss or remote code execution. Schneide...

CVE-2021-22758

IGSS Definition (Def.exe) vulnerability CVE-2021-22758 affects v15.0.0.21140 and earlier, caused by lack of input validation when importing a malicious CGF file, leading to loss of data or remote code execution (CWE-824). Schneider Electric fixes this in Def.exe v15.0.0.21141; remediation guidanc...

CVE-2021-22750

The CVE-2021-22750 issue affects Schneider Electric IGSS Definition (Def.exe) versions up to 15.0.0.21041 (and earlier) with an out-of-bounds write when importing a malicious CGF file, caused by missing length checks. The vulnerability can lead to data loss or remote code execution on affected sy...

CVE-2021-22712

Schneider Electric IGSS Def.exe (Definition) has a CWE-119 buffer bounds vulnerability in V15.0.0.21041 and earlier, allowing arbitrary read/write via parsing a malicious CGF file due to an unchecked pointer address. ZDI reports remote code execution with user interaction required (visit a malici...

CVE-2020-7555

A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition Def.exe version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF Configuration Group File file is imported to IGSS Definition...

CVE-2020-7558

The CVE-2020-7558 entry concerns Schneider Electric IGSS Definition (Def.exe) version 14.0.0.20247 with an Out-of-bounds Write (CWE-787) that can lead to Remote Code Execution when a malicious CGF file is imported. Public sources (ZDI advisory and Red Hat/NVD/NVD-derived records) confirm the affe...

CVE-2020-7556

The CVE-2020-7556 issue affects Schneider Electric IGSS Definition (Def.exe) 14.0.0.20247. It is an out-of-bounds write (CWE-787) in the CGF file parsing that could lead to remote code execution when a malicious CGF is imported. Public details indicate a high-severity vulnerability (CVSS v3 base ...

CVE-2020-7554

Schneider Electric IGSS exposes CVE-2020-7554, a CWE-119 buffer-boundary vulnerability in IGSS Definition (Def.exe) 14.0.0.20247 that can lead to Remote Code Execution when a malicious CGF file is imported. The Red Hat/Red Hat-affiliated and ZDI entries describe a stack-based or related boundary ...

CVE-2020-7553

Schneider Electric IGSS Def.exe (IGSS Definition) versions affected include 14.0.0.20247 and earlier. A CWE-787 Out-of-bounds Write vulnerability in CGF file parsing could allow Remote Code Execution when a malicious CGF is imported to IGSS Definition. Public details describe a heap-based buffer ...

CVE-2020-7553

A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition Def.exe version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF Configuration Group File file is imported to IGSS Definition...

CVE-2020-7552

CVE-2020-7552 affects Schneider Electric IGSS Definition (Def.exe) up to version 14.0.0.20247. The issue is a CGF file parsing heap-based buffer overflow that could lead to remote code execution. ZDI details indicate the flaw exists in parsing CGF files, enabling code execution in the current pro...

CVE-2020-7551

Schneider Electric IGSS exposes an out-of-bounds write in the IGSS Definition module (Def.exe) version 14.0.0.20247 when parsing a malicious CGF file, allowing Remote Code Execution. The vulnerability (CWE-787) affects Def.exe; exploitation requires user interaction (e.g., opening a malicious CGF...