CVE-2020-7479 is a vulnerability in Schneider Electric Interactive Graphical Scada System
Published on March 23, 2020

A CWE-306: Missing Authentication for Critical Function vulnerability exists in IGSS (Versions 14 and prior using the service: IGSSupdate), which could allow a local user to execute processes that otherwise require escalation privileges when sending local network commands to the IGSS Update Service.

NVD

Weakness Type

Missing Authentication for Critical Function

The software does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

Products Associated with CVE-2020-7479

Want to know whenever a new CVE is published for Schneider Electric Interactive Graphical Scada System? stack.watch will email you.

Schneider Electric Interactive Graphical Scada System

Exploit Probability

EPSS

0.14%

Percentile

33.46%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-7479 is a vulnerability in Schneider Electric Interactive Graphical Scada SystemPublished on March 23, 2020

Weakness Type

Missing Authentication for Critical Function

Products Associated with CVE-2020-7479

Exploit Probability

CVE-2020-7479 is a vulnerability in Schneider Electric Interactive Graphical Scada System
Published on March 23, 2020