How severe is CVE-2021-22756?

CVE-2021-22756 has a CVSS v3 score of 7.8 (HIGH).

CVE-2021-22756

Name: interactive_graphical_scada_system
Author: schneider-electric

7.8HIGH

A CWE-125: Out-of-bounds read vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in disclosure of information or remote code execution due to lack of user-suppl

Опубликовано: 6/11/2021Обновлено: 11/21/2024

Описание

A CWE-125: Out-of-bounds read vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in disclosure of information or remote code execution due to lack of user-supplied data validation, when a malicious CGF file is imported to IGSS Definition.

ИИ-АнализНа базе ИИ

Затронутые продукты

schneider-electricinteractive_graphical_scada_system

Ссылки

http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-159-01
Vendor Advisory
http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-159-01
Vendor Advisory