CVE-2020-7554
Description
A CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when a malicious CGF (Configuration Group File) file is imported to IGSS Definition.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A stack-based buffer overflow in IGSS Definition (Def.exe) version 14.0.0.20247 allows remote code execution when importing a malicious CGF file.
Vulnerability
A CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247. The flaw resides in the parsing of CGF (Configuration Group File) files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer, leading to a stack-based buffer overflow [1].
Exploitation
An attacker can exploit this vulnerability by convincing a user to import a specially crafted malicious CGF file into IGSS Definition. No authentication is required, but user interaction is necessary—the target must visit a malicious page (in a local context) or open a malicious file [1]. The attack vector is local, with low complexity, and the attacker can leverage the vulnerability to execute code in the context of the current process [1].
Impact
Successful exploitation allows remote attackers to execute arbitrary code on the affected installation of Schneider Electric IGSS. The CVSS score is 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H), reflecting high impact on confidentiality, integrity, and availability (CIA) [1].
Mitigation
As of the available references, no patch or fixed version has been disclosed for this vulnerability. Users should restrict access to the IGSS Definition application and avoid opening CGF files from untrusted sources. The vulnerability is not listed on CISA's Known Exploited Vulnerabilities (KEV) catalog as of the publication date [1].
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Schneider Electric/IGSS Definition
- Range: = 14.0.0.20247
Patches
No patches discovered yet.
References
- www.se.com/ww/en/download/document/SEVD-2020-315-03/ (mitre, x_refsource_MISC)
- www.zerodayinitiative.com/advisories/ZDI-21-093/ (mitre, x_refsource_MISC)