cbcvebase.
CVE-2021-22803
published 2022-02-11

CVE-2021-22803: A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could lead to remote code execution through a number of paths, when an…

PriorityP263critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
1.87%
76.7th percentile
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could lead to remote code execution through a number of paths, when an attacker, writes arbitrary files to folders in context of the DC module, by sending constructed messages on the network. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior)

Affected

1 ranges
VendorProductVersion rangeFixed in
schneider-electricinteractive_graphical_scada_system_data_collector<= 15.0.0.21243

Detection & IOCsextracted from sources · hover to see the quote

  • CVE-2021-22803 is exploitable via crafted network messages sent to the IGSS Data Collector process (dc.exe); monitor for unexpected inbound network connections to dc.exe and arbitrary file write activity in its working directories.
  • ·No authentication is required to exploit this vulnerability (PR:N, UI:N); the attack is network-reachable with low complexity, making any internet-exposed dc.exe instance immediately at risk.
  • ·Affected versions are IGSS Data Collector (dc.exe) v15.0.0.21243 and prior; v15.0.0.21244 contains the fix. Verify the running version before assuming patched status.
  • ·No known public exploits were reported at time of advisory publication, but CVSS 9.8 and no-auth network vector make this high-priority for patching.

CVSS provenance

nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.