CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2021-22801 – Schneider Electric ConneXium Network Manager Insufficient UI Warning Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-22801
A CWE-269: Improper Privilege Management vulnerability exists that could cause an arbitrary command execution when the software is configured with specially crafted event actions. Affected Product: ConneXium Network Manager Software (All Versions) Una CWE-269: Se presenta una vulnerabilidad de Administración de Privilegios Inapropiada que podría causar una ejecución de un comando arbitrario cuando el software está configurado con acciones de eventos especialmente diseñados. Producto afectado: Software ConneXium Network Manager (todas las versiones) This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric ConneXium Network Manager. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of CXN files. The product UI does not warn the user of unsafe actions. • https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-285-02 • CWE-269: Improper Privilege Management •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2021-22802 – Schneider Electric IGSS Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-22802
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in remote code execution due to missing length check on user supplied data, when a constructed message is received on the network. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior) Una CWE-120: Se presenta una vulnerabilidad de Copia del búfer sin Comprobar el Tamaño de la Entrada que podría resultar en una ejecución de código remota debido a una falta de comprobación de la longitud de los datos suministrados por el usuario, cuando es recibido un mensaje construido en la red. Producto afectado: Interactive Graphical SCADA System Data Collector (dc.exe) (versiones V15.0.0.21243 y anteriores) This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric IGSS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of TCP traffic by the dc.exe process. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. • https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-285-03 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2021-22803 – Schneider Electric IGSS Unrestricted File Upload Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-22803
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could lead to remote code execution through a number of paths, when an attacker, writes arbitrary files to folders in context of the DC module, by sending constructed messages on the network. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior) Una CWE-434: Se presenta una vulnerabilidad de Carga no Restringida de Archivos con Tipo Peligroso que podría conllevar a una ejecución de código remota mediante una serie de rutas, cuando un atacante, escribe archivos arbitrarios en carpetas en el contexto del módulo DC, mediante el envío de mensajes construidos en la red. Producto afectado: Interactive Graphical SCADA System Data Collector (dc.exe) (versiones V15.0.0.21243 y anteriores) This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric IGSS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of TCP traffic by the dc.exe process. The issue results from the lack of proper validation of user-supplied data, which can allow the upload of arbitrary files. • https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-285-03 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-22805 – Schneider Electric IGSS Missing Authentication Arbitrary File Deletion Vulnerability
https://notcve.org/view.php?id=CVE-2021-22805
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause deletion of arbitrary files in the context of the user running IGSS due to lack of validation of network messages. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior) Una CWE-306: Se presenta una vulnerabilidad de Falta de Autenticación para una Función Crítica que podría causar el borrado de archivos arbitrarios en el contexto del usuario que ejecuta IGSS, debido a una falta de comprobación de los mensajes de red. Producto afectado: Interactive Graphical SCADA System Data Collector (dc.exe) (versiones V15.0.0.21243 y anteriores) This vulnerability allows remote attackers to delete arbitrary files on affected installations of Schneider Electric IGSS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of commands sent to the server. The issue results from the lack of authentication prior to allowing access to functionality. • https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-285-03 • CWE-306: Missing Authentication for Critical Function •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2021-22804 – Schneider Electric IGSS dc.exe Missing Authentication Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-22804
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause disclosure of arbitrary files being read in the context of the user running IGSS, due to missing validation of user supplied data in network messages. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior) Una CWE-22: Se presenta una vulnerabilidad de Limitación Inapropiada de un Nombre de Ruta a un Directorio Restringido que podría causar la divulgación de archivos arbitrarios que son leídos en el contexto del usuario que ejecuta IGSS, debido a una falta de comprobación de los datos suministrados por el usuario en los mensajes de red. Producto afectado: Interactive Graphical SCADA System Data Collector (dc.exe) (versiones V15.0.0.21243 y anteriores) This vulnerability allows remote attackers to disclose sensitive information on affected installations of Schneider Electric IGSS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of TCP traffic by the dc.exe process. The issue results from the lack of authentication prior to allowing access to functionality. • https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-285-03 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •