Interactive Graphical Scada System Data Server Security Vulnerabilities and Issues — Interactive Graphical Scada System Data Server CVE List

Lucene search

Schneider-electricInteractive Graphical Scada System Data Server

8 matches found

CVE•added 2022/02/09 11:15 p.m.•90 views

CVE-2022-24310

A CWE-190: Integer Overflow or Wraparound vulnerability exists that could cause heap-based buffer overflow, leading to denial of service and potentially remote code execution when an attacker sends multiple specially crafted messages. Affected Product: Interactive Graphical SCADA System Data Server...

9.8CVSS9.6AI score0.01641EPSS

CVE•added 2022/02/09 11:15 p.m.•80 views

CVE-2022-24312

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause modification of an existing file by adding at end of file or create a new file in the context of the Data Server potentially leading to remote code execution when an attacker sends a speciall...

9.8CVSS9.6AI score0.01751EPSS

CVE•added 2022/02/09 11:15 p.m.•78 views

CVE-2022-24311

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause modification of an existing file by inserting at beginning of file or create a new file in the context of the Data Server potentially leading to remote code execution when an attacker sends a...

9.8CVSS9.6AI score0.03703EPSS

CVE•added 2022/02/09 11:15 p.m.•67 views

CVE-2022-24313

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 ...

9.8CVSS9.8AI score0.04705EPSS

CVE•added 2022/02/09 11:15 p.m.•63 views

CVE-2022-24317

A CWE-862: Missing Authorization vulnerability exists that could cause information exposure when an attacker sends a specific message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)

7.5CVSS7.3AI score0.00276EPSS

CVE•added 2022/02/09 11:15 p.m.•62 views

CVE-2022-24315

A CWE-125: Out-of-bounds Read vulnerability exists that could cause denial of service when an attacker repeatedly sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)

7.5CVSS7.3AI score0.00643EPSS

CVE•added 2022/02/09 11:15 p.m.•58 views

CVE-2022-24316

A CWE-665: Improper Initialization vulnerability exists that could cause information exposure when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)

7.5CVSS7.3AI score0.00322EPSS

CVE•added 2022/02/09 11:15 p.m.•51 views

CVE-2022-24314

A CWE-125: Out-of-bounds Read vulnerability exists that could cause memory leaks potentially resulting in denial of service when an attacker repeatedly sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)

7.5CVSS7.3AI score0.00627EPSS