First published: Fri Feb 11 2022(Updated: )
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could lead to remote code execution through a number of paths, when an attacker, writes arbitrary files to folders in context of the DC module, by sending constructed messages on the network. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior)
Credit: cybersecurity@se.com
Affected Software | Affected Version | How to fix |
---|---|---|
Schneider-electric Interactive Graphical Scada System Data Collector | <=15.0.0.21243 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.