Rewterz Threat Advisory – ICS: Schneider Electric EcoStruxure Power Build-Rapsody

Severity

Medium

Analysis Summary

CVE-2021-22697, CVE-2021-22698

When a malicious SSD file is uploaded and improperly parsed, it can trigger a use-after-free condition or a stack-based buffer overflow, which an attacker could use to achieve remote code execution.

Impact

Remote code execution

Affected Vendors

Schneider Electric

Affected Products

EcoStruxure Power Build – Rapsody software Versions 2.1.13 and prior

Remediation

Schneider Electric recommends that affected users immediately apply the following mitigations to reduce the risk of exploitation:

  • Apply the principle of least privilege to limit access to the computer running the Rapsody software.
  • Install application whitelisting software on the computer to block the execution of malicious code.
  • Install antivirus on the computer and keep it up to date.