CVE-2017-9967

Published: Feb 12, 2018Modified: Nov 21, 2024

7.8

Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

A security misconfiguration vulnerability exists in Schneider Electric's IGSS SCADA Software versions 12 and prior. Security configuration settings such as Address Space Layout Randomization (ASLR) and Data Execution prevention (DEP) were not properly configured resulting in weak security.

Affected (1)

Products: Schneider Electric: Interactive Graphical Scada System

Schneider Electric

1 product

Interactive Graphical Scada System

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Schneider Electric Interactive Graphical Scada System	Up to 12.0

References (4)

http://www.securityfocus.com/bid/103022

Source: cybersecurity@se.com

Third Party AdvisoryVDB Entry

https://www.schneider-electric.com/en/download/document/SEVD-2018-037-01/

Source: cybersecurity@se.com

Vendor Advisory

http://www.securityfocus.com/bid/103022

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://www.schneider-electric.com/en/download/document/SEVD-2018-037-01/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.