Schneider Electric IGSS SCADA Software

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Schneider Electric Equipment: IGSS Interactive Graphical SCADA System Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION Successful exploitation of these...

Security feature bypass

A security misconfiguration vulnerability exists in Schneider Electric's IGSS SCADA Software versions 12 and prior. Security configuration settings such as Address Space Layout Randomization ASLR and Data Execution prevention DEP were not properly configured resulting in weak security...

CVE-2017-9967

A security misconfiguration vulnerability exists in Schneider Electric's IGSS SCADA Software versions 12 and prior. Security configuration settings such as Address Space Layout Randomization ASLR and Data Execution prevention DEP were not properly configured resulting in weak security...

CVE-2017-9967

A security misconfiguration vulnerability exists in Schneider Electric's IGSS SCADA Software versions 12 and prior. Security configuration settings such as Address Space Layout Randomization ASLR and Data Execution prevention DEP were not properly configured resulting in weak security...

CVE-2017-9967

Affected product: Schneider Electric IGSS SCADA Software (version 12 and earlier). Root cause: security misconfiguration of memory protection (ASLR and DEP) leading to weak security. Impact: vulnerability described as a local, likely code-execution risk when exploiting improper security configura...