Security Notification: Out-of-Bounds Write vulnerability fixed in v18

Thanks to the independent researcher Michael Heinzl working with CISA, the IGSS team has become aware of a security issue concerning import of Configuration Group Files (CGF) to the IGSS Definition module in IGSS V18.0.0.26124 and prior versions.

An update has been released to fix the issues in IGSS version 18.
Make sure to update the IGSS software either by downloading the latest version by running IGSS Update from the IGSS Master module or install the latest update from our download section.

If you choose not to apply the remediation provided, then please apply the following mitigations to reduce the risk of an exploit:
Avoid executing commands, importing or opening files from untrusted sources.

More details about can be found in the official security notification released on Schneider Electric Global – Cybersecurity Notifications.

classified, background, blog
Scroll to Top