PT-2021-2368 · Igss · Igss

Published: 2021-03-09 · Updated: 2021-03-17 · CVE-2021-22709

CVSS v2.0: 9.3 (High)

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Interactive Graphical SCADA System (IGSS) versions 15.0.0.21041 and prior

Description

A memory buffer vulnerability exists in the Interactive Graphical SCADA System (IGSS) Definition, which could result in loss of data or remote code execution when a malicious Configuration Group File (CGF) is imported. This issue is caused by improper restriction of operations within the bounds of a memory buffer. The exploitation of this vulnerability may allow a remote attacker to execute arbitrary code.

Recommendations

For versions 15.0.0.21041 and prior, consider disabling the import of CGF files until a patch is available, to prevent potential remote code execution. Restrict access to the IGSS Definition to minimize the risk of exploitation. Do not import malicious or unverified CGF files into the affected system. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Buffer Overflow

Weakness Enumeration

Related Identifiers

BDU:2021-01608
CVE-2021-22709
ZDI-21-272

Affected Products

Igss