CVE-2020-7555
Description
A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when a malicious CGF (Configuration Group File) file is imported to IGSS Definition.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
IGSS Definition (Def.exe) version 14.0.0.20247 contains an out-of-bounds write in CGF file parsing, leading to remote code execution via a malicious imported file.
Vulnerability
A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 and earlier. The issue lies within the parsing of Configuration Group File (CGF) files; the software fails to properly validate user-supplied data, which can result in a write past the end of an allocated data structure [1]. An attacker can trigger this by convincing a user to import a malicious CGF file.
Exploitation
Exploitation requires user interaction: the target must open a malicious page or, more commonly, import a crafted CGF file into IGSS Definition via the application’s interface [1]. No authentication or special privileges are needed to import a file. The attacker supplies the malformed CGF, and when IGSS parses it the out-of-bounds write occurs, corrupting memory.
Impact
Successful exploitation allows the attacker to execute arbitrary code in the context of the current process (the IGSS Definition application). This can lead to full compromise of the affected workstation, including disclosure, modification, or destruction of data, and potential propagation to other systems on the same network [1]. The CVSS v3 score is 7.8 (High), with confidentiality, integrity, and availability impacts all rated High.
Mitigation
Schneider Electric has not yet released a patched version as of the publication of ZDI-21-094 [1]. Users should avoid importing CGF files from untrusted sources and restrict access to the IGSS Definition executable. System owners are advised to monitor vendor updates for a future fix. The vulnerability is not listed on the CISA Known Exploited Vulnerabilities (KEV) catalog.
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Schneider Electric/IGSS Definition
- Range: =14.0.0.20247
Patches
No patches discovered yet.
References
- www.se.com/ww/en/download/document/SEVD-2020-315-03/
- www.zerodayinitiative.com/advisories/ZDI-21-094/