6 matches found
CVE-2021-22759
A CWE-416: Use after free vulnerability exists inIGSS Definition Def.exe V15.0.0.21140 and prior that could result in loss of data or remote code execution due to use of unchecked input data, when a malicious CGF file is imported to IGSS Definition...
CVE-2021-22757
A CWE-125: Out-of-bounds read vulnerability exists inIGSS Definition Def.exe V15.0.0.21140 and prior that could result in disclosure of information or remote code execution due to lack of sanity checks on user-supplied input data, when a malicious CGF file is imported to IGSS Definition...
Out-of-bounds
A CWE-125: Out-of-bounds read vulnerability exists inIGSS Definition Def.exe V15.0.0.21140 and prior that could result in loss of data or remote code execution due to missing length checks, when a malicious WSP file is being parsed by IGSS Definition...
CVE-2021-22753
The CVE-2021-22753 vulnerability affects Schneider Electric IGSS Definition (Def.exe) v15.0.0.21140 and earlier, caused by missing length checks when parsing malicious WSP files, leading to a CWE-125 out-of-bounds read that could result in data loss or remote code execution. Schneider Electric fi...
CVE-2021-22755
A CWE-787: Out-of-bounds write vulnerability exists inIGSS Definition Def.exe V15.0.0.21140 and prior that could result in disclosure of information or remote code execution due to lack of sanity checks on user-supplied data, when a malicious CGF file is imported to IGSS Definition...
CVE-2021-22755
The connected sources confirm CVE-2021-22755 affects Schneider Electric IGSS Definition (Def.exe) up to version 15.0.0.21140, with an out-of-bounds write vulnerability arising from insufficient validation/sanity checks when importing a CGF file. Impact is disclosure of information or remote code ...