This vulnerability allows remote attackers to escalate privileges or create a denial-of-service condition on affected installations of Delta Industrial Automation InfraSuite Device Master. Authentication is not required to create a denial-of-service condition. Authentication is required to achieve privilege escalation.
Written by admin
NEWS
-
ZDI-23-341: Schneider Electric IGSS openReport Improper Input Validation Remote Code Execution Vulnerability
March 16, 2023This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric IGSS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. -
ZDI-23-340: Schneider Electric IGSSdataServer Exposed Dangerous Function Data Deletion Vulnerability
March 16, 2023This vulnerability allows remote attackers to delete application-level data on affected installations of Schneider Electric IGSS. Authentication is not required to exploit this vulnerability. -
ZDI-23-339: Schneider Electric IGSS IGSSdataServer Exposed Dangerous Function Remote Code Execution Vulnerability
March 16, 2023This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric IGSS. Authentication is not required to exploit this vulnerability.