Release of Invalid Pointer Vulnerability in IGSS Definition by Schneider Electric
CVE-2021-22760
7.8HIGH
Key Information:
- Vendor
Schneider Electric
- Vendor
- CVE Published:
- 11 June 2021
What is CVE-2021-22760?
A vulnerability exists in IGSS Definition (Def.exe) that could result in loss of data or remote code execution due to insufficient validation of user-supplied input data. When a malicious CGF file is imported, the lack of necessary checks can lead to unintended behavior within the application, exposing systems to potential threats.
Affected Version(s)
IGSS Definition (Def.exe) V15.0.0.21140 and prior IGSS Definition (Def.exe) V15.0.0.21140 and prior