Rewterz Threat Advisory – CVE-2019-6827 – Schneider Electric Interactive Graphical SCADA System

Friday, July 12, 2019

Severity

Medium

Analysis Summary

An out-of-bounds vulnerability exists and could be exploited by the application processing a specially crafted project file. Exploitation could cause a software crash when data in the mdb database is manipulated or allow code execution.

Impact

Arbitrary code execution

Affected Vendors

Schneider Electric

Affected Products

Interactive Graphical SCADA System (IGSS)

Remediation

Schneider Electric recommends upgrading to Version 13.0.0.19140 or 14.0.0.19120.

http://igss.schneider-electric.com/products/igss/download/licensed-versions.aspx

Data Sheets

Corporate Brochure


Our Story


Services


Solutions


Managed Security


Upcoming Rewterz Trainings/Events

Rewterz News

  • 11, October 2019 Rewterz Threat Alert – Kimsuky Group – IOC’s
  • 11, October 2019 Rewterz Threat Advisory – CVE-2019-10936 – Siemens PROFINET Devices Denial of Service Vulnerability
  • 11, October 2019 Rewterz Threat Advisory – CVE-2019-10923 – Siemens Industrial Real-Time (IRT) Devices DoS Vulnerability
  • 10, October 2019 Rewterz Threat Alert – Another Agenttesla campaign using a compromised Iraq Government site

Copyright © Rewterz. All rights reserved.