Vulnerabilities > Schneider Electric > Interactive Graphical Scada System Data Collector > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-02-11 | CVE-2021-22802 | Classic Buffer Overflow vulnerability in Schneider-Electric Interactive Graphical Scada System Data Collector A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in remote code execution due to missing length check on user supplied data, when a constructed message is received on the network. | 7.5 |
2022-02-11 | CVE-2021-22803 | Unrestricted Upload of File with Dangerous Type vulnerability in Schneider-Electric Interactive Graphical Scada System Data Collector A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could lead to remote code execution through a number of paths, when an attacker, writes arbitrary files to folders in context of the DC module, by sending constructed messages on the network. | 7.5 |