CVE-2021-22709

EPSS 2.0%CWE-119

Vexday Risk Score

3Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS —EPSS 2.0%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

11 mar 2021Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior, which could result in loss of data or remote code execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.

Productos afectados

n/a · Interactive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-068-01 https://www.se.com/ww/en/download/document/SEVD-2021-068-01