cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2020-7479,https://securityvulnerability.io/vulnerability/CVE-2020-7479,Missing Authentication Vulnerability in IGSS Update Service by Schneider Electric,"A vulnerability exists in the IGSS Update Service that stems from missing authentication, allowing local users to execute commands without requiring the necessary escalation of privileges. This weakness can be exploited by sending local network commands, potentially leading to unauthorized actions in the IGSS environment, compromising system integrity and availability.",Schneider Electric,Igss (interactive Graphical Scada System) (igss Version Prior To 14.0.0.20009),7.8,HIGH,0.0006500000017695129,false,,false,false,false,,,false,false,,2020-03-23T19:18:26.000Z,0
CVE-2020-7478,https://securityvulnerability.io/vulnerability/CVE-2020-7478,Path Traversal Vulnerability in IGSS Software by Schneider Electric,"A path traversal vulnerability exists in the IGSS software developed by Schneider Electric, specifically in versions 14 and earlier that utilize the IGSS Update Service. This flaw allows a remote unauthenticated attacker to access arbitrary files on the server's local file system. When enabled, the IGSS Update Service can potentially expose sensitive data over an unrestricted or shared network, thus posing risks to the confidentiality and integrity of the system.",Schneider Electric,Igss (interactive Graphical Scada System) (igss Version Prior To 14.0.0.20009),7.5,HIGH,0.011540000326931477,false,,false,false,false,,,false,false,,2020-03-23T19:17:11.000Z,0