Schneider Electric IGSS SCADA Software

CVSS 7.8 HIGH

Risk Summary

Successful exploitation of these vulnerabilities could result in remote code execution.

CVE-2021-22709 CVE-2021-22710 CVE-2021-22711 CVE-2021-22712

Schneider Electric has provided Version 15.0.0.21042 of the IGSS Definition module: Def.exe to address these vulnerabilities. The update is available for download through IGSS Master > Update IGSS Software or from the Schneider Electric support page.
Avoid importing CGF files from untrusted sources.
For more information, see the Schneider Electric security notification.

Schneider Electric Software, LLC

Schneider Electric Software, LLC · IGSS Definition (Def.exe) <= 15.0.0.21041

Commercial Facilities, Critical Manufacturing, Energy

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.