Filtered by vendor Schneider-electric
Subscribe
Filtered by product Interactive Graphical Scada System
Subscribe
Total
42 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-22754 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2021-06-15 | 6.8 MEDIUM | 7.8 HIGH |
| A CWE-787: Out-of-bounds write vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in loss of data or remote code execution due to lack of proper validation of user-supplied data, when a malicious CGF file is imported to IGSS Definition. | |||||
| CVE-2021-22758 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2021-06-15 | 6.8 MEDIUM | 7.8 HIGH |
| A CWE-824: Access of uninitialized pointer vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in loss of data or remote code execution due to lack validation of user-supplied input data, when a malicious CGF file is imported to IGSS Definition. | |||||
| CVE-2021-22750 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2021-06-15 | 6.8 MEDIUM | 7.8 HIGH |
| A CWE-787: Out-of-bounds write vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21041 and prior that could result in loss of data or remote code execution due to missing length checks, when a malicious CGF file is imported to IGSS Definition. | |||||
| CVE-2021-22751 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2021-06-15 | 6.8 MEDIUM | 7.8 HIGH |
| A CWE-787: Out-of-bounds write vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in disclosure of information or execution of arbitrary code due to lack of input validation, when a malicious CGF (Configuration Group File) file is imported to IGSS Definition. | |||||
| CVE-2021-22752 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2021-06-15 | 6.8 MEDIUM | 7.8 HIGH |
| A CWE-787: Out-of-bounds write vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in loss of data or remote code execution due to missing size checks, when a malicious WSP (Workspace) file is being parsed by IGSS Definition. | |||||
| CVE-2021-22757 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2021-06-15 | 6.8 MEDIUM | 7.8 HIGH |
| A CWE-125: Out-of-bounds read vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in disclosure of information or remote code execution due to lack of sanity checks on user-supplied input data, when a malicious CGF file is imported to IGSS Definition. | |||||
| CVE-2021-22756 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2021-06-15 | 6.8 MEDIUM | 7.8 HIGH |
| A CWE-125: Out-of-bounds read vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in disclosure of information or remote code execution due to lack of user-supplied data validation, when a malicious CGF file is imported to IGSS Definition. | |||||
| CVE-2021-22755 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2021-06-15 | 6.8 MEDIUM | 7.8 HIGH |
| A CWE-787: Out-of-bounds write vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in disclosure of information or remote code execution due to lack of sanity checks on user-supplied data, when a malicious CGF file is imported to IGSS Definition. | |||||
| CVE-2021-22710 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2021-03-18 | 9.3 HIGH | 7.8 HIGH |
| A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior, which could cause remote code execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition. | |||||
| CVE-2021-22711 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2021-03-17 | 9.3 HIGH | 7.8 HIGH |
| A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior, which could result in arbitrary read or write conditions when malicious CGF (Configuration Group File) file is imported to IGSS Definition due to missing validation of input data. | |||||
| CVE-2021-22709 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2021-03-17 | 9.3 HIGH | 7.8 HIGH |
| A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior, which could result in loss of data or remote code execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition. | |||||
| CVE-2021-22712 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2021-03-17 | 9.3 HIGH | 7.8 HIGH |
| A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior, which could result in arbitrary read or write conditions when malicious CGF (Configuration Group File) file is imported to IGSS Definition due to an unchecked pointer address. | |||||
| CVE-2020-7553 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2021-03-15 | 6.8 MEDIUM | 7.8 HIGH |
| A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition. | |||||
| CVE-2020-7550 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2021-02-01 | 6.8 MEDIUM | 7.8 HIGH |
| A CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 and prior that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition. | |||||
| CVE-2020-7554 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2021-02-01 | 6.8 MEDIUM | 7.8 HIGH |
| A CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition. | |||||
| CVE-2020-7556 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2021-02-01 | 6.8 MEDIUM | 7.8 HIGH |
| A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition. | |||||
| CVE-2020-7557 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2021-02-01 | 6.8 MEDIUM | 7.8 HIGH |
| A CWE-125 Out-of-bounds Read vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition. | |||||
| CVE-2020-7558 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2021-02-01 | 6.8 MEDIUM | 7.8 HIGH |
| A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition. | |||||
| CVE-2020-7555 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2021-01-29 | 6.8 MEDIUM | 7.8 HIGH |
| A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition. | |||||
| CVE-2017-6033 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2019-10-09 | 6.8 MEDIUM | 7.8 HIGH |
| A DLL Hijacking issue was discovered in Schneider Electric Interactive Graphical SCADA System (IGSS) Software, Version 12 and previous versions. The software will execute a malicious file if it is named the same as a legitimate file and placed in a location that is earlier in the search path. | |||||