Schneider Electric Interactive Graphical Scada System Data Collector
By the Year
In 2024 there have been 0 vulnerabilities in Schneider Electric Interactive Graphical Scada System Data Collector . Interactive Graphical Scada System Data Collector did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 0 | 0.00 |
2022 | 6 | 8.80 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Interactive Graphical Scada System Data Collector vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Schneider Electric Interactive Graphical Scada System Data Collector Security Vulnerabilities
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists
CVE-2021-22804
7.5 - High
- February 11, 2022
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause disclosure of arbitrary files being read in the context of the user running IGSS, due to missing validation of user supplied data in network messages. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior)
Directory traversal
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists
CVE-2021-22803
9.8 - Critical
- February 11, 2022
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could lead to remote code execution through a number of paths, when an attacker, writes arbitrary files to folders in context of the DC module, by sending constructed messages on the network. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior)
Unrestricted File Upload
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists
CVE-2021-22824
7.5 - High
- February 11, 2022
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in denial of service, due to missing length check on user-supplied data from a constructed message received on the network. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21320 and prior)
Classic Buffer Overflow
A CWE-306: Missing Authentication for Critical Function vulnerability exists
CVE-2021-22823
9.1 - Critical
- February 11, 2022
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause deletion of arbitrary files in the context of the user running IGSS due to lack of validation of network messages. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21320 and prior)
Missing Authentication for Critical Function
A CWE-306: Missing Authentication for Critical Function vulnerability exists
CVE-2021-22805
9.1 - Critical
- February 11, 2022
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause deletion of arbitrary files in the context of the user running IGSS due to lack of validation of network messages. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior)
Missing Authentication for Critical Function
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists
CVE-2021-22802
9.8 - Critical
- February 11, 2022
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in remote code execution due to missing length check on user supplied data, when a constructed message is received on the network. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior)
Classic Buffer Overflow
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Schneider Electric Interactive Graphical Scada System Data Collector or by Schneider Electric? Click the Watch button to subscribe.