The NCCIC has published an advisory on an out-of-bounds write vulnerability in Schneider Electric Interactive Graphical SCADA System. IGSS Version 14 and prior are affected. Successful exploitation of this vulnerability could allow an attacker to achieve arbitrary code execution or crash the software. Schneider Electric recommends upgrading to Version 13.0.0.19140 or 14.0.0.19120. The NCCIC also advises of a series of measures for mitigating the vulnerabilities. Read the advisory at CISA.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!
