Advisory Details

February 11th, 2022

Schneider Electric IGSS IGSSdataServer Directory Traversal Remote Code Execution Vulnerability

ZDI-22-320
ZDI-CAN-14942

CVE ID CVE-2022-24311
CVSS SCORE 9.8, AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AFFECTED VENDORS Schneider Electric
AFFECTED PRODUCTS IGSS
VULNERABILITY DETAILS

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric IGSS. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the IGSSDataServer process, which listens on TCP port 12401 by default. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current user.

ADDITIONAL DETAILS

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01
https://www.cisa.gov/uscert/ics/advisories/icsa-22-046-01


DISCLOSURE TIMELINE
  • 2021-12-15 - Vulnerability reported to vendor
  • 2022-02-11 - Coordinated public release of advisory
  • 2023-09-20 - Advisory Updated
CREDIT Vyacheslav Moskvin
BACK TO ADVISORIES