CVE-2020-7479

CVE-2020-7479

Vendor N/A
Product IGSS (Interactive Graphical SCADA System) (IGSS Version prior to 14.0.0.20009)
Weakness CWE-306 · Missing auth
Published March 23, 2020
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

A CWE-306: Missing Authentication for Critical Function vulnerability exists in IGSS (Versions 14 and prior using the service: IGSSupdate), which could allow a local user to execute processes that otherwise require escalation privileges when sending local network commands to the IGSS Update Service.

Key dates

02Disclosure timeline

March 23, 2020 CVE published
August 4, 2024 Record updated