ID CVE-2017-9967
Summary A security misconfiguration vulnerability exists in Schneider Electric's IGSS SCADA Software versions 12 and prior. Security configuration settings such as Address Space Layout Randomization (ASLR) and Data Execution prevention (DEP) were not properly configured resulting in weak security.
References
Vulnerable Configurations
  • cpe:2.3:a:schneider-electric:interactive_graphical_scada_system:12.0
    cpe:2.3:a:schneider-electric:interactive_graphical_scada_system:12.0
CVSS
Base: 4.6
Impact:
Exploitability:
CWE CWE-16
CAPEC
refmap via4
bid 103022
confirm https://www.schneider-electric.com/en/download/document/SEVD-2018-037-01/
Last major update 12-02-2018 - 18:29
Published 12-02-2018 - 18:29
Last modified 09-03-2018 - 09:55
Back to Top