Schneider Electric Interactive Graphical SCADA System (IGSS) Buffer Overflow Vulnerability

Last Update Date: 23 Jan 2013 12:10 Release Date: 23 Jan 2013 4810 Views

RISK: High Risk

TYPE: Operating Systems - Others OS

A vulnerability has been identified in Schneider Electric IGSS application, which can be exploited by malicious people to execute code under administrator credentials on the target system.

Impact

Denial of Service
Remote Code Execution

System / Technologies affected

Schneider Electric IGSS application, all versions

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

The vendor has issued two patches for version V9 and V10 of the IGSS software:
- IGSS V9 Patch
http://igss.schneider-electric.com/igss/igssupdates/v90/progupdatesv90.zip
- IGSS V10 Patch
http://igss.schneider-electric.com/igss/igssupdates/v100/progupdatesv100.zip

Vulnerability Identifier

CVE-2013-0657

Schneider Electric Interactive Graphical SCADA System (IGSS) Buffer Overflow Vulnerability

Impact

System / Technologies affected

Solutions

Vulnerability Identifier

Source

Related Link