Vulnerabilities > Schneider Electric > Interactive Graphical Scada System Data Collector > High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-11	CVE-2021-22802	Classic Buffer Overflow vulnerability in Schneider-Electric Interactive Graphical Scada System Data Collector A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in remote code execution due to missing length check on user supplied data, when a constructed message is received on the network. network low complexity schneider-electric CWE-120	7.5
2022-02-11	CVE-2021-22803	Unrestricted Upload of File with Dangerous Type vulnerability in Schneider-Electric Interactive Graphical Scada System Data Collector A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could lead to remote code execution through a number of paths, when an attacker, writes arbitrary files to folders in context of the DC module, by sending constructed messages on the network. network low complexity schneider-electric CWE-434	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.