OTPulse

Interactive Graphical SCADA System (IGSS)

Plan Patch · CVSS 7.8 · SEVD-2020-315-03 · Nov 10, 2020
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary

Multiple vulnerabilities exist in Schneider Electric IGSS (Interactive Graphical SCADA System) Definition module (Def.exe) versions 14.0.0.20247 and earlier. These vulnerabilities involve buffer overflow and out-of-bounds access flaws (CWE-119, CWE-787, CWE-125) that can be triggered when a user imports a malicious CGF configuration file into the IGSS Definition application. Successful exploitation allows an attacker to execute arbitrary code with the privileges of the user running IGSS, potentially compromising the engineering workstation and the integrity of SCADA system configurations.

What this means
What could happen
An attacker could execute arbitrary code on the IGSS engineering workstation by crafting a malicious CGF (configuration) file, allowing them to compromise the Windows operating system that runs the SCADA system design environment and potentially gain control over industrial process configurations.
Who's at risk
Energy utilities and manufacturing facilities using Schneider Electric IGSS for SCADA system design and configuration are affected. This impacts engineering staff who design, configure, or maintain SCADA systems using IGSS Definition, particularly those who import configuration files from external or untrusted sources.
How it could be exploited
An attacker creates a malicious CGF file and tricks an engineer into importing it into IGSS Definition (Def.exe) during system design or configuration work. When the CGF file is processed, a buffer overflow or memory corruption vulnerability is triggered, allowing the attacker to execute arbitrary code with the privileges of the user running IGSS.
Prerequisites
  • User must open/import a malicious CGF file in IGSS Definition (Def.exe)
  • IGSS Definition module must be version 14.0.0.20247 or earlier
  • Physical or social engineering access needed to deliver the malicious CGF file to an engineer
  • buffer overflow / memory corruption vulnerability
  • local exploitation via user action required
  • affects system design environment not runtime operations
  • no patch available for versions above 14.0.0.20247 without upgrade path
Exploitability
Low exploit probability (EPSS 0.7%)
Affected products (1)
Product | Affected Versions | Fix Status
IGSS Definition (Def.exe) | ≤ 14.0.0.20247 | 14.0.0.20248
Remediation & Mitigation
Do now
WORKAROUND: Restrict access to CGF file imports and validate file sources before importing into IGSS
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update IGSS Definition (Def.exe) to version 14.0.0.20248 or later via IGSS Master > Update IGSS Software
HOTFIX: Consider upgrading to IGSS V15, which resolves this issue
Long-term hardening
HARDENING: Implement network segmentation to isolate engineering workstations running IGSS from general network traffic
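
Verifying the installed build
One way to confirm whether a workstation still runs an affected Def.exe, as an added example that is not part of the advisory or of Schneider Electric's tooling. It assumes the file-version resource of Def.exe carries the IGSS build number; the -Path value is supplied by the operator because the advisory gives no install path.

```powershell
# Added example: classify Def.exe builds against the fixed version in this advisory.
# Assumption: the file-version resource of Def.exe carries the IGSS build number.
param(
    # Operator-supplied location(s) of Def.exe; the advisory does not state a path.
    [Parameter(Mandatory)][string[]]$Path
)

# First fixed build per the advisory; 14.0.0.20247 and earlier are affected.
$FixedVersion = [version]'14.0.0.20248'

function Get-IgssDefStatus {
    param([string]$File)

    if (-not (Test-Path -LiteralPath $File -PathType Leaf)) {
        return [pscustomobject]@{ Path = $File; Version = $null; Status = 'NotFound' }
    }

    $info = (Get-Item -LiteralPath $File).VersionInfo
    # Use the numeric parts; the FileVersion string can carry extra text.
    $ver = [version]::new($info.FileMajorPart, $info.FileMinorPart, $info.FileBuildPart, $info.FilePrivatePart)

    if ($ver -eq [version]'0.0.0.0') {
        $status = 'Unknown'      # no version resource found: verify manually
    } elseif ($ver -lt $FixedVersion) {
        $status = 'Vulnerable'   # 14.0.0.20247 or earlier
    } else {
        $status = 'Fixed'        # 14.0.0.20248 or later
    }

    [pscustomobject]@{ Path = $File; Version = $ver; Status = $status }
}

$Path | ForEach-Object { Get-IgssDefStatus -File $_ } | Format-Table -AutoSize
```

Run it on each engineering workstation and treat any row marked Vulnerable or Unknown as a candidate for the hotfix listed above.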