Schneider-Electric: >> Interactive Graphical Scada System Security Vulnerabilities
A security misconfiguration vulnerability exists in Schneider Electric's IGSS SCADA Software versions 12 and prior. Security configuration settings such as Address Space Layout Randomization (ASLR) and Data Execution prevention (DEP) were not properly configured resulting in weak security.
CVSS Score
7.8
EPSS Score
0.001
Published
2018-02-12
A DLL Hijacking issue was discovered in Schneider Electric Interactive Graphical SCADA System (IGSS) Software, Version 12 and previous versions. The software will execute a malicious file if it is named the same as a legitimate file and placed in a location that is earlier in the search path.
CVSS Score
7.8
EPSS Score
0.002
Published
2017-04-07
Stack-based buffer overflow in Schneider Electric Interactive Graphical SCADA System (IGSS) 10 and earlier allows remote attackers to execute arbitrary code by sending TCP port-12397 data that does not comply with a protocol.
CVSS Score
10.0
EPSS Score
0.602
Published
2013-01-21
Page 5