CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-9967
https://notcve.org/view.php?id=CVE-2017-9967
12 Feb 2018 — A security misconfiguration vulnerability exists in Schneider Electric's IGSS SCADA Software versions 12 and prior. Security configuration settings such as Address Space Layout Randomization (ASLR) and Data Execution prevention (DEP) were not properly configured resulting in weak security. Existe una vulnerabilidad de configuración de seguridad errónea en Schneider Electric's IGSS SCADA Software, en versiones 12 y anteriores. Las opciones de configuración de seguridad como Address Space Layout Randomization... • http://www.securityfocus.com/bid/103022 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6033
https://notcve.org/view.php?id=CVE-2017-6033
07 Apr 2017 — A DLL Hijacking issue was discovered in Schneider Electric Interactive Graphical SCADA System (IGSS) Software, Version 12 and previous versions. The software will execute a malicious file if it is named the same as a legitimate file and placed in a location that is earlier in the search path. Se ha descubierto un problema de secuestro de DLL en el software Schneider Electric Interactive Graphical SCADA System (IGSS), versión 12 y versiones anteriores. El software ejecutará un archivo malicioso si se le asig... • http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2017-090-01 • CWE-427: Uncontrolled Search Path Element •
CVSS: 10.0EPSS: 60%CPEs: 2EXPL: 3CVE-2013-0657 – SEIG SCADA System 9 - Remote Code Execution
https://notcve.org/view.php?id=CVE-2013-0657
21 Jan 2013 — Stack-based buffer overflow in Schneider Electric Interactive Graphical SCADA System (IGSS) 10 and earlier allows remote attackers to execute arbitrary code by sending TCP port-12397 data that does not comply with a protocol. Desbordamiento de búfer basado en pila en Scheneider Electric Interactive Graphical SCADA System (IGSS) v10 y anteriores que permite a atacantes remotos ejecutar código arbitrario enviando datos por el puerto TCP 12397 que no cumplen con el protocolo. SEIG SCADA System version 9 suffer... • https://packetstorm.news/files/id/148994 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •