IGSS (Interactive Graphical SCADA System)
Plan Patch · 7.8 · SEVD-2023-255-01 · Sep 12, 2023
Attack Vector: Local
Auth Required: Low
Complexity: Low
User Interaction: None needed
Summary
A vulnerability in Schneider Electric IGSS Update Service (versions 16.0.0.23211 and prior) related to insufficient authentication or authorization checks could allow a local attacker to execute arbitrary code with the privileges of the Update Service. This could result in remote code execution and loss of control of the SCADA system when IGSS is running in production mode.
What this means
What could happen
An attacker with local access to a workstation running IGSS could execute arbitrary code with the privileges of the Update Service, potentially gaining control of the SCADA system and disrupting industrial process monitoring and control.
Who's at risk
This vulnerability affects energy and manufacturing organizations operating IGSS SCADA systems. Operators and plant engineers who use IGSS for process monitoring and control should prioritize patching engineering workstations and Update Service servers, as compromise could result in loss of visibility and control over critical industrial processes.
How it could be exploited
An attacker with local access to a computer running IGSS Update Service could exploit missing authentication or authorization checks in the Update Service to trigger code execution. The attacker could then execute arbitrary commands to compromise the system or connected SCADA infrastructure.
Prerequisites
- Local access to a workstation or server running IGSS Update Service
- IGSS Update Service running (active process)
- Version 16.0.0.23211 or prior installed
- requires local access to compromise
- affects SCADA control systems
- could lead to loss of process control
- authentication weakness
Exploitability
Low exploit probability (EPSS 0.0%)
Affected products (1)
Product | Affected Versions | Fix Status
IGSS Update Service v16.0.0.23211 and prior | ≤ 16.0.0.23211 | 16.0.0.23212
Remediation & Mitigation
Do now
- HARDENING: Implement local access controls and restrict logon to engineering workstations running IGSS to authorized personnel only
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
- HOTFIX: Update IGSS Update Service to version 16.0.0.23212 or later
Long-term hardening
- HARDENING: Isolate IGSS systems and engineering workstations on a protected network segment with limited ingress from production networks
CVEs (1)