Vulnerabilities > Schneider Electric > Interactive Graphical Scada System Data Collector > High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-11	CVE-2021-22804	Unspecified vulnerability in Schneider-Electric Interactive Graphical Scada System Data Collector A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause disclosure of arbitrary files being read in the context of the user running IGSS, due to missing validation of user supplied data in network messages. network low complexity schneider-electric	7.5
2022-02-11	CVE-2021-22824	Classic Buffer Overflow vulnerability in Schneider-Electric Interactive Graphical Scada System Data Collector A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in denial of service, due to missing length check on user-supplied data from a constructed message received on the network. network low complexity schneider-electric CWE-120	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.