SCADA: Schneider Electric IGSS Arbitrary File Deletion
This signature detects attempts to exploit a known vulnerability against Schneider Electric IGSS. A successful attack can result in a denial-of-service condition.
Extended Description
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause deletion of arbitrary files in the context of the user running IGSS due to lack of validation of network messages. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21320 and prior)
Affected Products
Schneider-electric interactive_graphical_scada_system_data_collector
Short Name
SCADA:SCHNEIDER-ELECTRIC-DOS
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
SCADA
Keywords
Arbitrary CVE-2021-22823 Deletion Electric File IGSS Schneider
Release Date
04/18/2022
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3484
Port
TCP/12397
False Positive
Unknown
Vendors
Schneider-electric
CVSS Score
5.0