A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior, which could result in arbitrary read or write conditions when malicious CGF (Configuration Group File) file is imported to IGSS Definition due to an unchecked pointer address.
References
Link | Resource |
---|---|
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-068-01 | Patch Vendor Advisory |
https://www.se.com/ww/en/download/document/SEVD-2021-068-01 | Broken Link Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: schneider
Published: 2021-03-11T20:25:07
Updated: 2021-03-11T20:25:07
Reserved: 2021-01-06T00:00:00
Link: CVE-2021-22712
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-03-11T21:15:12.327
Modified: 2021-03-17T20:23:56.500
Link: CVE-2021-22712
JSON object: View
Redhat Information
No data.
CWE