Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Schneider-electric Subscribe
Filtered by product Interactive Graphical Scada System Data Server
Total 8 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-24317 1 Schneider-electric 1 Interactive Graphical Scada System Data Server 2022-02-16 5.0 MEDIUM 7.5 HIGH
A CWE-862: Missing Authorization vulnerability exists that could cause information exposure when an attacker sends a specific message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)
CVE-2022-24313 1 Schneider-electric 1 Interactive Graphical Scada System Data Server 2022-02-16 7.5 HIGH 9.8 CRITICAL
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)
CVE-2022-24312 1 Schneider-electric 1 Interactive Graphical Scada System Data Server 2022-02-16 7.5 HIGH 9.8 CRITICAL
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause modification of an existing file by adding at end of file or create a new file in the context of the Data Server potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)
CVE-2022-24311 1 Schneider-electric 1 Interactive Graphical Scada System Data Server 2022-02-16 7.5 HIGH 9.8 CRITICAL
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause modification of an existing file by inserting at beginning of file or create a new file in the context of the Data Server potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)
CVE-2022-24310 1 Schneider-electric 1 Interactive Graphical Scada System Data Server 2022-02-16 7.5 HIGH 9.8 CRITICAL
A CWE-190: Integer Overflow or Wraparound vulnerability exists that could cause heap-based buffer overflow, leading to denial of service and potentially remote code execution when an attacker sends multiple specially crafted messages. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)
CVE-2022-24316 1 Schneider-electric 1 Interactive Graphical Scada System Data Server 2022-02-15 5.0 MEDIUM 7.5 HIGH
A CWE-665: Improper Initialization vulnerability exists that could cause information exposure when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)
CVE-2022-24315 1 Schneider-electric 1 Interactive Graphical Scada System Data Server 2022-02-15 5.0 MEDIUM 7.5 HIGH
A CWE-125: Out-of-bounds Read vulnerability exists that could cause denial of service when an attacker repeatedly sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)
CVE-2022-24314 1 Schneider-electric 1 Interactive Graphical Scada System Data Server 2022-02-15 5.0 MEDIUM 7.5 HIGH
A CWE-125: Out-of-bounds Read vulnerability exists that could cause memory leaks potentially resulting in denial of service when an attacker repeatedly sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)