2 matches found
CVE-2021-22750
A CWE-787: Out-of-bounds write vulnerability exists inIGSS Definition Def.exe V15.0.0.21041 and prior that could result in loss of data or remote code execution due to missing length checks, when a malicious CGF file is imported to IGSS Definition...
CVE-2021-22712
Schneider Electric IGSS Def.exe (Definition) has a CWE-119 buffer bounds vulnerability in V15.0.0.21041 and earlier, allowing arbitrary read/write via parsing a malicious CGF file due to an unchecked pointer address. ZDI reports remote code execution with user interaction required (visit a malici...