Out-of-bounds write in IGSS SCADA



Published: 2019-07-12
Risk Medium
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2019-6827
CWE-ID CWE-787
Exploitation vector Local
Public exploit N/A
Vulnerable software
Subscribe 		IGSS SCADA
Server applications / SCADA systems

Vendor Schneider Electric

Security Bulletin

This security bulletin contains one medium risk vulnerability.

1) Out-of-bounds write

EUVDB-ID: #VU19160

Risk: Medium

CVSSv3.1: 6.1 [CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-6827

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local attacker to execute arbitrary code on the target system or crash the software.

The vulnerability exist due to an error within the application when processing a specially crafted project file. A local attacker can send a specially crafted file to the affected application, trigger out-of-bounds write error, execute arbitrary code on the system or crash the software when manipulate with data in the mdb database.




Mitigation

Install updates from vendor's website.

Vulnerable software versions

IGSS SCADA: 2 - 14

External links

http://ics-cert.us-cert.gov/advisories/icsa-19-192-06


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###