VYPR

IGSS Definition

by Schneider Electric

CVEs (16)

  • CVE-2021-22762HigJun 11, 2021
    risk 0.51cvss 7.8epss 0.01

    A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in remote code execution, when a malicious CGF or WSP file is being parsed by IGSS Definition.

  • CVE-2021-22761HigJun 11, 2021
    risk 0.51cvss 7.8epss 0.01

    A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in disclosure of information or remote code e+F15xecution due to missing length check on user supplied…

  • CVE-2021-22760HigJun 11, 2021
    risk 0.51cvss 7.8epss 0.01

    A CWE-763: Release of invalid pointer or reference vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in loss of data or remote code execution due to missing checks of user-supplied input data, when a malicious CGF file is imported to IGSS…

  • CVE-2021-22759HigJun 11, 2021
    risk 0.51cvss 7.8epss 0.01

    A CWE-416: Use after free vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in loss of data or remote code execution due to use of unchecked input data, when a malicious CGF file is imported to IGSS Definition.

  • CVE-2021-22758HigJun 11, 2021
    risk 0.51cvss 7.8epss 0.01

    A CWE-824: Access of uninitialized pointer vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in loss of data or remote code execution due to lack validation of user-supplied input data, when a malicious CGF file is imported to IGSS…

  • CVE-2021-22756HigJun 11, 2021
    risk 0.51cvss 7.8epss 0.01

    A CWE-125: Out-of-bounds read vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in disclosure of information or remote code execution due to lack of user-supplied data validation, when a malicious CGF file is imported to IGSS Definition.

  • CVE-2021-22755HigJun 11, 2021
    risk 0.51cvss 7.8epss 0.01

    A CWE-787: Out-of-bounds write vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in disclosure of information or remote code execution due to lack of sanity checks on user-supplied data, when a malicious CGF file is imported to IGSS…

  • CVE-2021-22754HigJun 11, 2021
    risk 0.51cvss 7.8epss 0.01

    A CWE-787: Out-of-bounds write vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in loss of data or remote code execution due to lack of proper validation of user-supplied data, when a malicious CGF file is imported to IGSS Definition.

  • CVE-2021-22753HigJun 11, 2021
    risk 0.51cvss 7.8epss 0.01

    A CWE-125: Out-of-bounds read vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in loss of data or remote code execution due to missing length checks, when a malicious WSP file is being parsed by IGSS Definition.

  • CVE-2021-22752HigJun 11, 2021
    risk 0.51cvss 7.8epss 0.01

    A CWE-787: Out-of-bounds write vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in loss of data or remote code execution due to missing size checks, when a malicious WSP (Workspace) file is being parsed by IGSS Definition.

  • CVE-2021-22750HigJun 11, 2021
    risk 0.51cvss 7.8epss 0.01

    A CWE-787: Out-of-bounds write vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21041 and prior that could result in loss of data or remote code execution due to missing length checks, when a malicious CGF file is imported to IGSS Definition.

  • CVE-2021-22712HigMar 11, 2021
    risk 0.51cvss 7.8epss 0.01

    A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior, which could result in arbitrary read or write conditions when malicious CGF…

  • CVE-2021-22710HigMar 11, 2021
    risk 0.51cvss 7.8epss 0.02

    A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior, which could cause remote code execution when malicious CGF (Configuration Group File)…

  • CVE-2021-22709HigMar 11, 2021
    risk 0.51cvss 7.8epss 0.02

    A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior, which could result in loss of data or remote code execution when malicious CGF…

  • CVE-2020-7551HigNov 19, 2020
    risk 0.51cvss 7.8epss 0.02

    A CWE-787: Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247, that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.

  • CVE-2020-7550HigNov 19, 2020
    risk 0.51cvss 7.8epss 0.02

    A CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 and prior that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS…