CVE-2020-7557
Description
A CWE-125 Out-of-bounds Read vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when a malicious CGF (Configuration Group File) file is imported into IGSS Definition.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An out-of-bounds read in IGSS Definition (Def.exe) 14.0.0.20247 allows remote code execution via a crafted CGF file.
Vulnerability
This is an out-of-bounds read vulnerability (CWE-125) in Schneider Electric IGSS Definition (Def.exe) version 14.0.0.20247. The flaw exists during the parsing of CGF (Configuration Group File) files: the application fails to properly validate user-supplied data, which can result in reading beyond the end of an allocated data structure [1]. No special configuration is required; the vulnerable code path is reached whenever a CGF file is imported into IGSS Definition.
Exploitation
An attacker can exploit this vulnerability by convincing a user to import a malicious CGF file, for example by tricking the user into opening a malicious page or file [1]. No authentication or prior access is required, but user interaction is necessary. The attacker provides a crafted CGF file that triggers an out-of-bounds read during parsing.
Impact
Successful exploitation allows an attacker to execute arbitrary code in the context of the current process (IGSS Definition) [1]. This can lead to full compromise of the integrity, availability, and confidentiality of the affected system (CVSS v3.1 base score 7.8, with vector AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) [1].
Mitigation
Schneider Electric has released a fix for CVE-2020-7557. According to the vendor advisory (referenced in [1]), users should update to the latest version of IGSS that addresses this vulnerability. No workaround is provided. The CVE is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Schneider Electric / IGSS Definition
  - Range: =14.0.0.20247
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
- [1] www.se.com/ww/en/download/document/SEVD-2020-315-03/ (Schneider Electric security notification SEVD-2020-315-03)
- www.zerodayinitiative.com/advisories/ZDI-21-096/ (Zero Day Initiative advisory ZDI-21-096)
News mentions
No linked articles in our index yet.