CVE-2020-7478

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory exists in IGSS Versions 14 and prior using the service: IGSSupdate, which could allow a remote unauthenticated attacker to read arbitrary files from the IGSS server PC on an unrestricted or shared network when the IGSS Update...

CVE-2020-7479

A CWE-306: Missing Authentication for Critical Function vulnerability exists in IGSS Versions 14 and prior using the service: IGSSupdate, which could allow a local user to execute processes that otherwise require escalation privileges when sending local network commands to the IGSS Update Service...

Interactive Graphical SCADA System (IGSS) Out-of-Bounds Write Vulnerability

The Schneider Electric Interactive Graphical SCADA System IGSS is an advanced SCADA system for monitoring and controlling industrial processes. An out-of-bounds write vulnerability exists in the Definition module of Interactive Graphical SCADA System IGSS versions 15.0.0.21140 and earlier. The...

Interactive Graphical SCADA System (IGSS) Out-of-Bounds Read Vulnerability

The Schneider Electric Interactive Graphical SCADA System IGSS is an advanced SCADA system for monitoring and controlling industrial processes. An out-of-bounds read vulnerability exists in the Definition module of Interactive Graphical SCADA System IGSS versions 15.0.0.21140 and earlier. The...