cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-22805,https://securityvulnerability.io/vulnerability/CVE-2021-22805,Missing Authentication Vulnerability in Schneider Electric's Interactive Graphical SCADA System,"A vulnerability exists in Schneider Electric's Interactive Graphical SCADA System Data Collector due to insufficient validation of network messages. This could allow attackers to exploit the vulnerability, leading to the unauthorized deletion of arbitrary files in the context of the user running the application. Organizations utilizing this software version need to take proactive measures to secure their systems against potential threats.",Schneider Electric,Interactive Graphical Scada System Data Collector (dc.exe) (v15.0.0.21243 And Prior),9.1,CRITICAL,0.002240000059828162,false,,false,false,false,,,false,false,,2022-02-11T17:40:38.000Z,0
CVE-2021-22804,https://securityvulnerability.io/vulnerability/CVE-2021-22804,Improper Limitation of Pathname in Interactive Graphical SCADA System by Schneider Electric,"A vulnerability exists in Schneider Electric's Interactive Graphical SCADA System due to improper validation of user-supplied data in network messages. This oversight could enable an attacker to access and read arbitrary files in the context of the user executing the system. The issue affects versions prior to V15.0.0.21243, posing a potential risk for unauthorized data disclosure.",Schneider Electric,Interactive Graphical Scada System Data Collector (dc.exe) (v15.0.0.21243 And Prior),7.5,HIGH,0.01867000013589859,false,,false,false,false,,,false,false,,2022-02-11T17:40:37.000Z,0
CVE-2021-22802,https://securityvulnerability.io/vulnerability/CVE-2021-22802,Remote Code Execution Vulnerability in Schneider Electric Interactive Graphical SCADA System,"A vulnerability has been identified in Schneider Electric's Interactive Graphical SCADA System, specifically in the Data Collector (dc.exe). This flaw allows for remote code execution due to a missing length check on user-supplied data when a crafted message is received over the network. Malicious actors could exploit this weakness, potentially leading to unauthorized system access and manipulation.",Schneider Electric,Interactive Graphical Scada System Data Collector (dc.exe) (v15.0.0.21243 And Prior),9.8,CRITICAL,0.014630000106990337,false,,false,false,false,,,false,false,,2022-02-11T17:40:36.000Z,0
CVE-2021-22803,https://securityvulnerability.io/vulnerability/CVE-2021-22803,Unrestricted File Upload Vulnerability in Schneider Electric's Data Collector,"A vulnerability exists in Schneider Electric's Interactive Graphical SCADA System Data Collector that allows an attacker to upload arbitrary files, potentially leading to remote code execution. This occurs when crafted messages are sent over the network, enabling the manipulation of file permissions in vulnerable directories associated with the DC module. Users are encouraged to review their systems and implement appropriate security measures to mitigate this risk.",Schneider Electric,Interactive Graphical Scada System Data Collector (dc.exe) (v15.0.0.21243 And Prior),9.8,CRITICAL,0.014770000241696835,false,,false,false,false,,,false,false,,2022-02-11T17:40:36.000Z,0