CVE-2021-22760
Published: 11 June 2021
Summary
CVE-2021-22760 is a high-severity Release of Invalid Pointer or Reference (CWE-763) vulnerability in Schneider-Electric Interactive Graphical Scada System. Its CVSS base score is 7.8 (High).
Operationally, ranked in the top 36.7% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2021-9895
Vulnerability details
A CWE-763: Release of invalid pointer or reference vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in loss of data or remote code execution due to missing checks of user-supplied input data, when a malicious CGF file…
more
is imported to IGSS Definition.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.