First published: Thu Nov 19 2020(Updated: )
A CWE-787: Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247, that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.
Credit: cybersecurity@se.com
Affected Software | Affected Version | How to fix |
---|---|---|
Schneider-electric Interactive Graphical Scada System | <=14.0.0.20247 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
A CWE-787: Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247, that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.
Schneider-electric Interactive Graphical Scada System version 14.0.0.20247.
The severity of CVE-2020-7552 is high, with a severity score of 7.8.
CVE-2020-7552 can be exploited by importing a malicious CGF file to IGSS Definition (Def.exe) version 14.0.0.20247, leading to remote code execution.
Yes, please refer to the vendor's security advisory for the latest patches and updates to address CVE-2020-7552.