A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted mathematically reduced data request messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22170)
2023-01-30T23:15:10.627
2024-11-21T07:06:33.147
Modified
CVSSv3.1: 9.8 (CRITICAL)
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | schneider-electric | interactive_graphical_scada_system | ≤ 15.0.0.22170 | Yes |