{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T04:57:23.944","vulnerabilities":[{"cve":{"id":"CVE-2021-22760","sourceIdentifier":"cybersecurity@se.com","published":"2021-06-11T16:15:10.153","lastModified":"2024-11-21T05:50:36.793","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A CWE-763: Release of invalid pointer or reference vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in loss of data or remote code execution due to missing checks of user-supplied input data, when a malicious CGF file is imported to IGSS Definition."},{"lang":"es","value":"Un CWE-763: Se presenta una vulnerabilidad de puntero o referencia no válida en IGSS Definition (Def.exe) versiones V15.0.0.21140 y anteriores que podría resultar en una pérdida de información o una ejecución de código remota debido a una falta de comprobación de los datos de entrada suministrados por el usuario, cuando es importado un archivo CGF malicioso a IGSS Definition"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"cybersecurity@se.com","type":"Secondary","description":[{"lang":"en","value":"CWE-763"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:schneider-electric:interactive_graphical_scada_system:*:*:*:*:*:*:*:*","versionEndIncluding":"15.0.0.21140","matchCriteriaId":"C5AD9202-97A9-4975-8307-5CCAEBF75A0C"}]}]}],"references":[{"url":"http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-159-01","source":"cybersecurity@se.com","tags":["Vendor Advisory"]},{"url":"http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-159-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}