VDB
ICSA-21-159-04
ICSA-21-159-04
PUBLISHED
CVSS 7.800000190734863 HIGH
Successful exploitation of these vulnerabilities may result in remote code execution, which could result in an attacker gaining access to the Windows Operating System on the machine used to import CGF and WSP files.
Risk Scores
CVSS v3.1
7.800000190734863
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| IGSS Definition (Def.exe): v15.0.0.21140 and prior |
Timeline
- Jun 8, 2021 CVE Published
References
- https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsa-21-159-04.json advisory
- https://www.cisa.gov/news-events/ics-advisories/icsa-21-159-04 advisory
- https://us-cert.cisa.gov/ncas/tips/ST04-014 url
- https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf url
- https://us-cert.cisa.gov/ics/tips/ICS-TIP-12-146-01B url
- https://igss.schneider-electric.com/igss/igssupdates/v150/IGSSUPDATE.ZIP fix
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-159-01 fix