IGSS (Interactive Graphical SCADA System)

MonitorCVSS 6.5SEVD-2021-348-01Dec 14, 2021

Schneider ElectricEnergyManufacturing

Attack path

Attack VectorNetwork

Auth RequiredNone

ComplexityHigh

User InteractionNone needed

Summary

Schneider Electric IGSS (Interactive Graphical SCADA System) Data Collector module (dc.exe) versions 15.0.0.21320 and prior contain multiple vulnerabilities related to buffer overflow (CWE-120) and missing authentication (CWE-306). These vulnerabilities allow an attacker with network access to inject code, corrupt data integrity, or cause denial of service, preventing proper monitoring and control of industrial processes. IGSS communicates with industry-standard PLC drivers and is critical to operations in energy and manufacturing sectors.

What this means

What could happen

An attacker could compromise the integrity of SCADA data or disrupt monitoring and control functions, potentially preventing operators from controlling industrial processes or seeing accurate plant status.

Who's at risk

Energy utilities and manufacturing plants running Schneider Electric IGSS for SCADA monitoring and control should prioritize this. The IGSS Data Collector is the critical module that handles data collection from PLCs and industrial devices—if it is compromised, operator visibility and control of the entire process could be lost.

How it could be exploited

An attacker with network access to the IGSS Data Collector (dc.exe) process can exploit buffer overflow or missing authentication checks to inject malicious code or trigger a denial of service condition, disrupting SCADA operations on that machine.

Prerequisites

Network access to the IGSS Data Collector module (port/protocol not specified in advisory)
IGSS version 15.0.0.21320 or earlier installed and running

remotely exploitablelow complexityno authentication requiredaffects SCADA/process control

Exploitability

Some exploitation risk — EPSS score 3.3%

Affected products (1)

ProductAffected VersionsFix Status

IGSS Data Collector (dc.exe) V15.0.0.21320 and prior≤ 15.0.0.2132015.0.0.21321

Remediation & Mitigation

0/4

Do now

0/1

WORKAROUNDIf upgrading is not immediately possible, isolate the IGSS Data Collector machine from untrusted networks using firewall rules to restrict inbound access

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpgrade IGSS Data Collector to version 15.0.0.21321 or later

Long-term hardening

0/2

HARDENINGTest patches in a non-production environment before applying to operational systems

HARDENINGMaintain backups of IGSS configuration and data before patching

CVEs (2)

CVE-2021-22823 CVE-2021-22824

View full Schneider Electric advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/db804c9d-2112-48c9-8953-40f42fb088fe

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.