Schneider-electric

Interactive Graphical Scada System

43 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2023-4516

  • EPSS 0.03%
  • Published 14.09.2023 09:15:08
  • Last modified 21.11.2024 08:35:19

A CWE-306: Missing Authentication for Critical Function vulnerability exists in the IGSS Update Service that could allow a local attacker to change update source, potentially leading to remote code execution when the attacker force an update contain...

9.8

CVE-2022-2329

  • EPSS 3.38%
  • Published 01.02.2023 04:15:08
  • Last modified 21.11.2024 07:00:46

A CWE-190: Integer Overflow or Wraparound vulnerability exists that could cause heap-based buffer overflow, leading to denial of service and potentially remote code execution when an attacker sends multiple specially crafted messages. Affected Produc...

9.8

CVE-2022-24324

  • EPSS 2.32%
  • Published 01.02.2023 04:15:08
  • Last modified 21.11.2024 06:50:10

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Products: IGSS Data Se...

9.8

CVE-2022-32529

  • EPSS 4.42%
  • Published 30.01.2023 23:15:11
  • Last modified 21.11.2024 07:06:34

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted log data request messages. Affected Produ...

9.1

CVE-2022-32528

  • EPSS 0.08%
  • Published 30.01.2023 23:15:11
  • Last modified 21.11.2024 07:06:34

A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause access to manipulate and read specific files in the IGSS project report directory, potentially leading to a denial-of-service condition when an attacker se...

9.8

CVE-2022-32522

  • EPSS 3.78%
  • Published 30.01.2023 23:15:10
  • Last modified 21.11.2024 07:06:33

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted mathematically reduced data request messa...

9.8

CVE-2022-32523

  • EPSS 4.42%
  • Published 30.01.2023 23:15:10
  • Last modified 21.11.2024 07:06:33

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted online data request messages. Affected Pr...

9.8

CVE-2022-32524

  • EPSS 4.42%
  • Published 30.01.2023 23:15:10
  • Last modified 21.11.2024 07:06:33

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted time reduced data messages. Affected Prod...

9.8

CVE-2022-32525

  • EPSS 3.61%
  • Published 30.01.2023 23:15:10
  • Last modified 21.11.2024 07:06:33

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted alarm data messages. Affected Products: I...

9.8

CVE-2022-32526

  • EPSS 3.61%
  • Published 30.01.2023 23:15:10
  • Last modified 21.11.2024 07:06:33

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted setting value messages. Affected Products...