Lucene search

K
Schneider-electricInteractive Graphical Scada System

28 matches found

CVE
CVE
added 2019/07/15 9:15 p.m.141 views

CVE-2019-6827

A CWE-787: Out-of-bounds Write vulnerability exists in Interactive Graphical SCADA System (IGSS), Version 14 and prior, which could cause a software crash when data in the mdb database is manipulated.

7.8CVSS7.5AI score0.00308EPSS
CVE
CVE
added 2021/06/11 4:15 p.m.76 views

CVE-2021-22759

A CWE-416: Use after free vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in loss of data or remote code execution due to use of unchecked input data, when a malicious CGF file is imported to IGSS Definition.

7.8CVSS8.2AI score0.00509EPSS
CVE
CVE
added 2020/11/19 10:15 p.m.55 views

CVE-2020-7556

A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.

7.8CVSS7.7AI score0.0066EPSS
CVE
CVE
added 2020/11/19 10:15 p.m.53 views

CVE-2020-7552

A CWE-787: Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247, that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.

7.8CVSS7.7AI score0.00682EPSS
CVE
CVE
added 2023/09/14 9:15 a.m.50 views

CVE-2023-4516

A CWE-306: Missing Authentication for Critical Function vulnerability exists in the IGSS UpdateService that could allow a local attacker to change update source, potentially leading to remotecode execution when the attacker force an update containing malicious content.

7.8CVSS7.5AI score0.00028EPSS
CVE
CVE
added 2020/11/19 10:15 p.m.49 views

CVE-2020-7558

A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.

7.8CVSS7.7AI score0.0066EPSS
CVE
CVE
added 2021/06/11 4:15 p.m.48 views

CVE-2021-22758

A CWE-824: Access of uninitialized pointer vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in loss of data or remote code execution due to lack validation of user-supplied input data, when a malicious CGF file is imported to IGSS Definition.

7.8CVSS7.9AI score0.00434EPSS
CVE
CVE
added 2021/06/11 4:15 p.m.47 views

CVE-2021-22761

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in disclosure of information or remote code e+F15xecution due to missing length check on user supplied data, when a malicious...

7.8CVSS7.6AI score0.00217EPSS
CVE
CVE
added 2017/04/07 10:59 p.m.46 views

CVE-2017-6033

A DLL Hijacking issue was discovered in Schneider Electric Interactive Graphical SCADA System (IGSS) Software, Version 12 and previous versions. The software will execute a malicious file if it is named the same as a legitimate file and placed in a location that is earlier in the search path.

7.8CVSS7.6AI score0.00216EPSS
CVE
CVE
added 2020/03/23 8:15 p.m.46 views

CVE-2020-7478

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory exists in IGSS (Versions 14 and prior using the service: IGSSupdate), which could allow a remote unauthenticated attacker to read arbitrary files from the IGSS server PC on an unrestricted or shared network when the IGSS Update S...

7.5CVSS7.5AI score0.01846EPSS
CVE
CVE
added 2020/11/19 10:15 p.m.46 views

CVE-2020-7553

A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.

7.8CVSS7.7AI score0.0066EPSS
CVE
CVE
added 2020/11/19 10:15 p.m.44 views

CVE-2020-7554

A CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.

7.8CVSS7.8AI score0.0066EPSS
CVE
CVE
added 2021/06/11 4:15 p.m.44 views

CVE-2021-22762

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in remote code execution, when a malicious CGF or WSP file is being parsed by IGSS Definition.

7.8CVSS7.7AI score0.00611EPSS
CVE
CVE
added 2020/11/19 10:15 p.m.43 views

CVE-2020-7550

A CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 and prior that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.

7.8CVSS7.8AI score0.0066EPSS
CVE
CVE
added 2020/11/19 10:15 p.m.43 views

CVE-2020-7555

A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.

7.8CVSS7.7AI score0.0066EPSS
CVE
CVE
added 2018/02/12 11:29 p.m.42 views

CVE-2017-9967

A security misconfiguration vulnerability exists in Schneider Electric's IGSS SCADA Software versions 12 and prior. Security configuration settings such as Address Space Layout Randomization (ASLR) and Data Execution prevention (DEP) were not properly configured resulting in weak security.

7.8CVSS7.6AI score0.00091EPSS
CVE
CVE
added 2020/11/19 10:15 p.m.42 views

CVE-2020-7551

A CWE-787: Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247, that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.

7.8CVSS7.7AI score0.00682EPSS
CVE
CVE
added 2020/11/19 10:15 p.m.41 views

CVE-2020-7557

A CWE-125 Out-of-bounds Read vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.

7.8CVSS7.7AI score0.0066EPSS
CVE
CVE
added 2021/06/11 4:15 p.m.41 views

CVE-2021-22753

A CWE-125: Out-of-bounds read vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in loss of data or remote code execution due to missing length checks, when a malicious WSP file is being parsed by IGSS Definition.

7.8CVSS7.8AI score0.00434EPSS
CVE
CVE
added 2021/06/11 4:15 p.m.39 views

CVE-2021-22757

A CWE-125: Out-of-bounds read vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in disclosure of information or remote code execution due to lack of sanity checks on user-supplied input data, when a malicious CGF file is imported to IGSS Definition.

7.8CVSS7.7AI score0.00493EPSS
CVE
CVE
added 2020/03/23 8:15 p.m.38 views

CVE-2020-7479

A CWE-306: Missing Authentication for Critical Function vulnerability exists in IGSS (Versions 14 and prior using the service: IGSSupdate), which could allow a local user to execute processes that otherwise require escalation privileges when sending local network commands to the IGSS Update Service...

7.8CVSS7.9AI score0.00148EPSS
CVE
CVE
added 2021/06/11 4:15 p.m.38 views

CVE-2021-22755

A CWE-787: Out-of-bounds write vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in disclosure of information or remote code execution due to lack of sanity checks on user-supplied data, when a malicious CGF file is imported to IGSS Definition.

7.8CVSS7.7AI score0.00493EPSS
CVE
CVE
added 2021/06/11 4:15 p.m.36 views

CVE-2021-22750

A CWE-787: Out-of-bounds write vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21041 and prior that could result in loss of data or remote code execution due to missing length checks, when a malicious CGF file is imported to IGSS Definition.

7.8CVSS7.9AI score0.00434EPSS
CVE
CVE
added 2021/06/11 4:15 p.m.36 views

CVE-2021-22754

A CWE-787: Out-of-bounds write vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in loss of data or remote code execution due to lack of proper validation of user-supplied data, when a malicious CGF file is imported to IGSS Definition.

7.8CVSS7.9AI score0.00434EPSS
CVE
CVE
added 2021/06/11 4:15 p.m.36 views

CVE-2021-22756

A CWE-125: Out-of-bounds read vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in disclosure of information or remote code execution due to lack of user-supplied data validation, when a malicious CGF file is imported to IGSS Definition.

7.8CVSS7.6AI score0.00434EPSS
CVE
CVE
added 2021/06/11 4:15 p.m.36 views

CVE-2021-22760

A CWE-763: Release of invalid pointer or reference vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in loss of data or remote code execution due to missing checks of user-supplied input data, when a malicious CGF file is imported to IGSS Definition.

7.8CVSS7.9AI score0.00434EPSS
CVE
CVE
added 2021/06/11 4:15 p.m.35 views

CVE-2021-22752

A CWE-787: Out-of-bounds write vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in loss of data or remote code execution due to missing size checks, when a malicious WSP (Workspace) file is being parsed by IGSS Definition.

7.8CVSS7.9AI score0.00434EPSS
CVE
CVE
added 2021/06/11 4:15 p.m.34 views

CVE-2021-22751

A CWE-787: Out-of-bounds write vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in disclosure of information or execution of arbitrary code due to lack of input validation, when a malicious CGF (Configuration Group File) file is imported to IGSS Definition.

7.8CVSS7.6AI score0.00367EPSS