Medium severity5.9NVD Advisory· Published Feb 12, 2018· Updated Jun 17, 2026
CVE-2017-9968
CVE-2017-9968
Description
A security misconfiguration vulnerability exists in Schneider Electric's IGSS Mobile application versions 3.01 and prior in which a lack of certificate pinning during the TLS/SSL connection establishing process can result in a man-in-the-middle attack.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <=3.01
Patches
Vulnerability mechanics
References
3- www.securityfocus.com/bid/103048nvdThird Party AdvisoryVDB Entry
- ics-cert.us-cert.gov/advisories/ICSA-18-046-03nvdThird Party AdvisoryUS Government Resource
- www.schneider-electric.com/en/download/document/SEVD-2018-039-02/nvdVendor Advisory
News mentions
0No linked articles in our index yet.