Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
schneider-electric interactive graphical scada system data server vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-24311
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause modification of an existing file by inserting at beginning of file or create a new file in the context of the Data Server potentially leading to remote code execution when ...
Schneider-electric Interactive Graphical Scada System Data Server
9.8
CVSSv3
CVE-2022-24312
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause modification of an existing file by adding at end of file or create a new file in the context of the Data Server potentially leading to remote code execution when an attack...
Schneider-electric Interactive Graphical Scada System Data Server
9.8
CVSSv3
CVE-2022-24313
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Ser...
Schneider-electric Interactive Graphical Scada System Data Server
9.1
CVSSv3
CVE-2022-32528
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause access to manipulate and read specific files in the IGSS project report directory, potentially leading to a denial-of-service condition when an attacker sends specific messages. Affecte...
Schneider-electric Interactive Graphical Scada System
9.1
CVSSv3
CVE-2021-22805
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause deletion of arbitrary files in the context of the user running IGSS due to lack of validation of network messages. Affected Product: Interactive Graphical SCADA System Data Collector (dc...
Schneider-electric Interactive Graphical Scada System Data Collector
7.5
CVSSv3
CVE-2022-24314
A CWE-125: Out-of-bounds Read vulnerability exists that could cause memory leaks potentially resulting in denial of service when an attacker repeatedly sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)
Schneider-electric Interactive Graphical Scada System Data Server
7.5
CVSSv3
CVE-2022-24315
A CWE-125: Out-of-bounds Read vulnerability exists that could cause denial of service when an attacker repeatedly sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)
Schneider-electric Interactive Graphical Scada System Data Server
7.5
CVSSv3
CVE-2022-24316
A CWE-665: Improper Initialization vulnerability exists that could cause information exposure when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)
Schneider-electric Interactive Graphical Scada System Data Server
7.5
CVSSv3
CVE-2022-24317
A CWE-862: Missing Authorization vulnerability exists that could cause information exposure when an attacker sends a specific message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)
Schneider-electric Interactive Graphical Scada System Data Server
NA
CVE-2013-0657
Stack-based buffer overflow in Schneider Electric Interactive Graphical SCADA System (IGSS) 10 and previous versions allows remote malicious users to execute arbitrary code by sending TCP port-12397 data that does not comply with a protocol.
Schneider-electric Interactive Graphical Scada System
Schneider-electric Interactive Graphical Scada System 9.0
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2