Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A CWE-787: Out-of-bounds write vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in loss of data or remote code execution due to lack of proper validation of user-supplied data, when a malicious CGF file is imported to IGSS Definition.
CVSS Information
N/A
Vulnerability Type
跨界内存写
Vulnerability Title
Schneider Electric IGSS 缓冲区错误漏洞
Vulnerability Description
IGSS Definition是一个系统设计者使用的主要程序。该程序旨在帮助系统设计人员执行以下任务: 通过使用过程图构建受监控过程的模型。通过指定其唯一的 PLC 地址,将 IGSS 连接到物理过程组件。 Schneider Electric IGSS 中存在缓冲区错误漏洞,该漏洞源于IGSS Definition导入CGF文件时,由于缺少正确验证,攻击者可通过该漏洞引起远程代码执行。以下产品及型号会受到影响:Schneider Electric IGSS(Def.exe) V15.0.0.21140
CVSS Information
N/A
Vulnerability Type
N/A