Buffer Overflow Vulnerability in Schneider Electric's Interactive Graphical SCADA System
CVE-2022-24313
9.8CRITICAL
Key Information:
- Vendor
Schneider Electric
- Vendor
- CVE Published:
- 9 February 2022
What is CVE-2022-24313?
A vulnerability exists in Schneider Electric's Interactive Graphical SCADA System Data Server that allows for a buffer overflow due to improper validation of input size. An attacker can exploit this flaw by sending a specially crafted message, potentially leading to remote code execution on the affected server. This issue emphasizes the importance of secure coding practices to prevent similar vulnerabilities.
Affected Version(s)
Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior) Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)