{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-15T11:33:50.445","vulnerabilities":[{"cve":{"id":"CVE-2021-22709","sourceIdentifier":"cybersecurity@se.com","published":"2021-03-11T21:15:12.077","lastModified":"2024-11-21T05:50:30.430","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior, which could result in loss of data or remote code execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition."},{"lang":"es","value":"Una CWE-119: se presenta una vulnerabilidad de Restricción Inapropiada de Operaciones dentro de los Límites de un Búfer de Memoria en Interactive Graphical SCADA System (IGSS) Definition (Def.exe) versiones V15.0.0.21041 y anteriores, lo que podría resultar en la pérdida de datos o una ejecución de código remota cuando es importado un archivo CGF (Configuration Group File) malicioso para IGSS Definition"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N\/AC:M\/Au:N\/C:C\/I:C\/A:C","baseScore":9.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.6,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"cybersecurity@se.com","type":"Secondary","description":[{"lang":"en","value":"CWE-119"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:schneider-electric:interactive_graphical_scada_system:*:*:*:*:*:*:*:*","versionEndIncluding":"15.0.0.21041","matchCriteriaId":"3CC174AC-AAAA-4BA4-B23F-F6F08103EF38"}]}]}],"references":[{"url":"https:\/\/download.schneider-electric.com\/files?p_Doc_Ref=SEVD-2021-068-01","source":"cybersecurity@se.com","tags":["Patch","Vendor Advisory"]},{"url":"https:\/\/www.se.com\/ww\/en\/download\/document\/SEVD-2021-068-01","source":"cybersecurity@se.com","tags":["Broken Link","Vendor Advisory"]},{"url":"https:\/\/download.schneider-electric.com\/files?p_Doc_Ref=SEVD-2021-068-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"https:\/\/www.se.com\/ww\/en\/download\/document\/SEVD-2021-068-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Vendor Advisory"]}]}}]}