Schneider-Electric Interactive Graphical Scada System vulnerabilities
43 known vulnerabilities affecting schneider-electric/interactive_graphical_scada_system.
Total CVEs
43
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL11HIGH32
Vulnerabilities
Page 2 of 3
CVE-2021-22760HIGHCVSS 7.8≤ 15.0.0.211402021-06-11
CVE-2021-22760 [HIGH] CWE-763 CVE-2021-22760: A CWE-763: Release of invalid pointer or reference vulnerability exists inIGSS Definition (Def.exe)
A CWE-763: Release of invalid pointer or reference vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in loss of data or remote code execution due to missing checks of user-supplied input data, when a malicious CGF file is imported to IGSS Definition.
nvd
CVE-2021-22759HIGHCVSS 7.8≤ 15.0.0.211402021-06-11
CVE-2021-22759 [HIGH] CWE-416 CVE-2021-22759: A CWE-416: Use after free vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior t
A CWE-416: Use after free vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in loss of data or remote code execution due to use of unchecked input data, when a malicious CGF file is imported to IGSS Definition.
nvd
CVE-2021-22762HIGHCVSS 7.8≤ 15.0.0.211402021-06-11
CVE-2021-22762 [HIGH] CWE-22 CVE-2021-22762: A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists inIGSS De
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in remote code execution, when a malicious CGF or WSP file is being parsed by IGSS Definition.
nvd
CVE-2021-22750HIGHCVSS 7.8≤ 15.0.0.210412021-06-11
CVE-2021-22750 [HIGH] CWE-787 CVE-2021-22750: A CWE-787: Out-of-bounds write vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21041 and pr
A CWE-787: Out-of-bounds write vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21041 and prior that could result in loss of data or remote code execution due to missing length checks, when a malicious CGF file is imported to IGSS Definition.
nvd
CVE-2021-22710HIGHCVSS 7.8≤ 15.0.0.210412021-03-11
CVE-2021-22710 [HIGH] CWE-119 CVE-2021-22710: A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exis
A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior, which could cause remote code execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.
nvd
CVE-2021-22712HIGHCVSS 7.8≤ 15.0.0.210412021-03-11
CVE-2021-22712 [HIGH] CWE-119 CVE-2021-22712: A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exis
A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior, which could result in arbitrary read or write conditions when malicious CGF (Configuration Group File) file is imported to IGSS Definition due to an unchecked
nvd
CVE-2021-22709HIGHCVSS 7.8≤ 15.0.0.210412021-03-11
CVE-2021-22709 [HIGH] CWE-119 CVE-2021-22709: A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exis
A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior, which could result in loss of data or remote code execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.
nvd
CVE-2021-22711HIGHCVSS 7.8≤ 15.0.0.210412021-03-11
CVE-2021-22711 [HIGH] CWE-119 CVE-2021-22711: A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exis
A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior, which could result in arbitrary read or write conditions when malicious CGF (Configuration Group File) file is imported to IGSS Definition due to missing valid
nvd
CVE-2020-7554HIGHCVSS 7.8≤ 14.0.0.202472020-11-19
CVE-2020-7554 [HIGH] CWE-119 CVE-2020-7554: A CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exis
A CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.
nvd
CVE-2020-7556HIGHCVSS 7.8≤ 14.0.0.202472020-11-19
CVE-2020-7556 [HIGH] CWE-787 CVE-2020-7556: A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247
A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.
nvd
CVE-2020-7555HIGHCVSS 7.8≤ 14.0.0.202472020-11-19
CVE-2020-7555 [HIGH] CWE-787 CVE-2020-7555: A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247
A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.
nvd
CVE-2020-7557HIGHCVSS 7.8≤ 14.0.0.202472020-11-19
CVE-2020-7557 [HIGH] CWE-125 CVE-2020-7557: A CWE-125 Out-of-bounds Read vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247
A CWE-125 Out-of-bounds Read vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.
nvd
CVE-2020-7558HIGHCVSS 7.8≤ 14.0.0.202472020-11-19
CVE-2020-7558 [HIGH] CWE-787 CVE-2020-7558: A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247
A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.
nvd
CVE-2020-7550HIGHCVSS 7.8≤ 14.0.0.202472020-11-19
CVE-2020-7550 [HIGH] CWE-119 CVE-2020-7550: A CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exis
A CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 and prior that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.
nvd
CVE-2020-7553HIGHCVSS 7.8≤ 14.0.0.202472020-11-19
CVE-2020-7553 [HIGH] CWE-787 CVE-2020-7553: A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247
A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.
nvd
CVE-2020-7552HIGHCVSS 7.8≤ 14.0.0.202472020-11-19
CVE-2020-7552 [HIGH] CWE-787 CVE-2020-7552: A CWE-787: Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.2024
A CWE-787: Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247, that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.
nvd
CVE-2020-7551HIGHCVSS 7.8≤ 14.0.0.202472020-11-19
CVE-2020-7551 [HIGH] CWE-787 CVE-2020-7551: A CWE-787: Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.2024
A CWE-787: Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247, that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.
nvd
CVE-2020-7479HIGHCVSS 7.8≥ 14.0, < 14.0.0.200092020-03-23
CVE-2020-7479 [HIGH] CWE-306 CVE-2020-7479: A CWE-306: Missing Authentication for Critical Function vulnerability exists in IGSS (Versions 14 an
A CWE-306: Missing Authentication for Critical Function vulnerability exists in IGSS (Versions 14 and prior using the service: IGSSupdate), which could allow a local user to execute processes that otherwise require escalation privileges when sending local network commands to the IGSS Update Service.
nvd
CVE-2020-7478HIGHCVSS 7.5≥ 14.0, < 14.0.0.200092020-03-23
CVE-2020-7478 [HIGH] CWE-22 CVE-2020-7478: A CWE-22: Improper Limitation of a Pathname to a Restricted Directory exists in IGSS (Versions 14 an
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory exists in IGSS (Versions 14 and prior using the service: IGSSupdate), which could allow a remote unauthenticated attacker to read arbitrary files from the IGSS server PC on an unrestricted or shared network when the IGSS Update Service is enabled.
nvd
CVE-2019-6827HIGHCVSS 7.8≤ 12.0≥ 13.0, < 13.0.0.19140+1 more2019-07-15
CVE-2019-6827 [HIGH] CWE-787 CVE-2019-6827: A CWE-787: Out-of-bounds Write vulnerability exists in Interactive Graphical SCADA System (IGSS), Ve
A CWE-787: Out-of-bounds Write vulnerability exists in Interactive Graphical SCADA System (IGSS), Version 14 and prior, which could cause a software crash when data in the mdb database is manipulated.
nvd