Rewterz Threat Advisory – CVE-2019-6827 – Schneider Electric Interactive Graphical SCADA System

Friday, July 12, 2019

Severity

Medium

Analysis Summary

An out-of-bounds vulnerability exists and could be exploited by the application processing a specially crafted project file. Exploitation could cause a software crash when data in the mdb database is manipulated or allow code execution.

Impact

Arbitrary code execution

Affected Vendors

Schneider Electric

Affected Products

Interactive Graphical SCADA System (IGSS)

Remediation

Schneider Electric recommends upgrading to Version 13.0.0.19140 or 14.0.0.19120.

http://igss.schneider-electric.com/products/igss/download/licensed-versions.aspx

Data Sheets

Corporate Brochure


Our Story


Services


Solutions


Managed Security


Upcoming Rewterz Trainings/Events

Rewterz News

  • 16, July 2019 Rewterz Threat Alert – Lazarus Mobile Malware turning devices into bots
  • 16, July 2019 Rewterz Threat Alert – Lazarus APT Group, Attacked as Identity Document
  • 15, July 2019 Rise in Attacks on DNS Infrastructure and Web Applications
  • 15, July 2019 Rewterz Threat Advisory – CVE-2019-0330 – SAP Diagnostic Agent OS Command Injection Vulnerability

Copyright © Rewterz. All rights reserved.