Interactive_graphical_scada_system - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Interactive_graphical_scada_system
(Schneider\-Electric)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	43

Date	Id	Summary	Products	Score	Patch	Annotated
2023-01-30	CVE-2022-32524	A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted time reduced data messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22170)	Interactive_graphical_scada_system	9.8
2023-01-30	CVE-2022-32525	A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted alarm data messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22170)	Interactive_graphical_scada_system	9.8
2023-01-30	CVE-2022-32526	A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted setting value messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22170)	Interactive_graphical_scada_system	9.8
2023-01-30	CVE-2022-32527	A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted alarm cache data messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22170)	Interactive_graphical_scada_system	9.8
2023-01-30	CVE-2022-32528	A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause access to manipulate and read specific files in the IGSS project report directory, potentially leading to a denial-of-service condition when an attacker sends specific messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22170)	Interactive_graphical_scada_system	9.1
2023-01-30	CVE-2022-32529	A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted log data request messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22170)	Interactive_graphical_scada_system	9.8
2023-02-01	CVE-2022-24324	A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22073)	Interactive_graphical_scada_system	9.8
2023-02-01	CVE-2022-2329	A CWE-190: Integer Overflow or Wraparound vulnerability exists that could cause heap-based buffer overflow, leading to denial of service and potentially remote code execution when an attacker sends multiple specially crafted messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22073)	Interactive_graphical_scada_system	9.8
2023-09-14	CVE-2023-4516	A CWE-306: Missing Authentication for Critical Function vulnerability exists in the IGSS Update Service that could allow a local attacker to change update source, potentially leading to remote code execution when the attacker force an update containing malicious content.	Interactive_graphical_scada_system	7.8
2019-07-15	CVE-2019-6827	A CWE-787: Out-of-bounds Write vulnerability exists in Interactive Graphical SCADA System (IGSS), Version 14 and prior, which could cause a software crash when data in the mdb database is manipulated.	Interactive_graphical_scada_system	7.8