SCADA: Schneider Electric IGSS Out-of-Bounds Read & Write
This signature detects attempts to exploit a known vulnerability against Schneider Electric IGSS. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.
Extended Description
A CWE-125: Out-of-bounds Read vulnerability exists that could cause denial of service when an attacker repeatedly sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)
Affected Products
Schneider-electric interactive_graphical_scada_system_data_server
References
CVE: CVE-2022-32525
URL: https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01 http://www.zerodayinitiative.com/advisories/ZDI-22-322/ https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-165-01_IGSS_Security_Notification_V2.pdf&_ga=2.129523276.1599405415.1656080787-643358291.1655388168 https://www.tenable.com/security/research/tra-2022-22
Short Name
SCADA:SCHNIDR-ELCTRC-IGSS-BO2
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
SCADA
Keywords
& CVE-2022-24315 CVE-2022-32522 CVE-2022-32523 CVE-2022-32524 CVE-2022-32525 Electric IGSS Out-of-Bounds Read Schneider Write
Release Date
04/21/2022
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3590
Port
TCP/12401
False Positive
Unknown
Vendors
Schneider-electric
CVSS Score
5.0