CVE-2020-7479
published 2020-03-23CVE-2020-7479: A CWE-306: Missing Authentication for Critical Function vulnerability exists in IGSS (Versions 14 and prior using the service: IGSSupdate), which could allow a…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
A CWE-306: Missing Authentication for Critical Function vulnerability exists in IGSS (Versions 14 and prior using the service: IGSSupdate), which could allow a local user to execute processes that otherwise require escalation privileges when sending local network commands to the IGSS Update Service.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| schneider-electric | interactive_graphical_scada_system | >= 14.0 < 14.0.0.20009 | 14.0.0.20009 |