Vulnetix
Try Vulnetix Request Demo
SEVD-2021-159-01 PUBLISHED CVSS 7.800000190734863 HIGH

Schneider Electric is aware of multiple vulnerabilities in the Interactive Graphical SCADA System (IGSS) product. The IGSS product is a state-of-the art SCADA system used for monitoring and controlling industrial processes. IGSS communicates with all major industry standard PLC drivers. Failure to apply the remediations provided below may risk remote code execution, which could result in an attacker gaining access to the Windows Operating System on the machine used to import CGF and WSP files, typically a step performed during system design time.

Risk Scores

CVSS v3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
Schneider Electric IGSS Definition (Def.exe) V15.0.0.21041 and prior
Schneider Electric IGSS Definition module: Def.exe Version 15.0.0.21141
Schneider Electric IGSS Definition (Def.exe) V15.0.0.21140 and prior

Timeline

References

Open in Interactive Console →