You are here

Schneider Electric Interactive Graphical SCADA System (ICSA-19-192-06) – Product Used in the Energy Sector

Schneider Electric Interactive Graphical SCADA System (ICSA-19-192-06) – Product Used in the Energy Sector

Created: Tuesday, July 16, 2019 - 12:36
Categories:
Cybersecurity

The NCCIC has published an advisory on an out-of-bounds write vulnerability in Schneider Electric Interactive Graphical SCADA System. IGSS Version 14 and prior are affected. Successful exploitation of this vulnerability could allow an attacker to achieve arbitrary code execution or crash the software. Schneider Electric recommends upgrading to Version 13.0.0.19140 or 14.0.0.19120. The NCCIC also advises of a series of measures for mitigating the vulnerabilities. Read the advisory at CISA.