Schneider Electric ISGG dc.exe File Upload RCE (CVE-2021-22803)

critical Nessus Plugin ID 155316

Synopsis

An OT application is affected by a remote code execution vulnerability.

Description

The Schneider Electric IGSS Data Collector (dc.exe) running on the remote host is affected by a remote code execution vulnerability due to the lack of proper validation of user-supplied data. An unauthenticated, remote attacker can exploit this to upload arbitrary files to the remote host and execute code in the context of the user running IGSS.

Solution

Upgrade IGSS dc.exe to version 15.0.0.21244 or later.

See Also

http://www.nessus.org/u?271a9c78

https://us-cert.cisa.gov/ics/advisories/icsa-21-285-03

Plugin Details

Severity: Critical

ID: 155316

File Name: schneider_electric_igss_cve-2021-22803.nbin

Version: 1.31

Type: remote

Family: SCADA

Published: 11/12/2021

Updated: 3/19/2024

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2021-22803

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:schneider-electric:interactive_graphical_scada_system

Exploit Ease: No known exploits are available

Patch Publication Date: 10/12/2021

Vulnerability Publication Date: 10/12/2021

Reference Information

CVE: CVE-2021-22803

ICSA: 21-285-03

ZDI: ZDI-21-1151