Schneider-electric

Interactive Graphical Scada System

43 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2022-32527

  • EPSS 3.61%
  • Published 30.01.2023 23:15:10
  • Last modified 21.11.2024 07:06:33

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted alarm cache data messages. Affected Produ...

7.8

CVE-2021-22762

  • EPSS 0.61%
  • Published 11.06.2021 16:15:10
  • Last modified 21.11.2024 05:50:37

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in remote code execution, when a malicious CGF or WSP file is being parsed by IGSS Defini...

7.8

CVE-2021-22761

  • EPSS 0.22%
  • Published 11.06.2021 16:15:10
  • Last modified 21.11.2024 05:50:36

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in disclosure of information or remote code e+F15xecution due to missing len...

7.8

CVE-2021-22760

  • EPSS 0.43%
  • Published 11.06.2021 16:15:10
  • Last modified 21.11.2024 05:50:36

A CWE-763: Release of invalid pointer or reference vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in loss of data or remote code execution due to missing checks of user-supplied input data, when a malicious...

7.8

CVE-2021-22759

  • EPSS 0.51%
  • Published 11.06.2021 16:15:10
  • Last modified 21.11.2024 05:50:36

A CWE-416: Use after free vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in loss of data or remote code execution due to use of unchecked input data, when a malicious CGF file is imported to IGSS Definition...

7.8

CVE-2021-22758

  • EPSS 0.43%
  • Published 11.06.2021 16:15:10
  • Last modified 21.11.2024 05:50:36

A CWE-824: Access of uninitialized pointer vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in loss of data or remote code execution due to lack validation of user-supplied input data, when a malicious CGF fi...

7.8

CVE-2021-22752

  • EPSS 0.43%
  • Published 11.06.2021 16:15:09
  • Last modified 21.11.2024 05:50:35

A CWE-787: Out-of-bounds write vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in loss of data or remote code execution due to missing size checks, when a malicious WSP (Workspace) file is being parsed by IG...

7.8

CVE-2021-22757

  • EPSS 0.49%
  • Published 11.06.2021 16:15:09
  • Last modified 21.11.2024 05:50:36

A CWE-125: Out-of-bounds read vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in disclosure of information or remote code execution due to lack of sanity checks on user-supplied input data, when a malicious ...

7.8

CVE-2021-22756

  • EPSS 0.43%
  • Published 11.06.2021 16:15:09
  • Last modified 21.11.2024 05:50:36

A CWE-125: Out-of-bounds read vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in disclosure of information or remote code execution due to lack of user-supplied data validation, when a malicious CGF file is ...

7.8

CVE-2021-22755

  • EPSS 0.49%
  • Published 11.06.2021 16:15:09
  • Last modified 21.11.2024 05:50:36

A CWE-787: Out-of-bounds write vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in disclosure of information or remote code execution due to lack of sanity checks on user-supplied data, when a malicious CGF f...