{"cve":{"cve_id":"CVE-2023-27978","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.06482,"epss_percentile":0.92868,"epss_as_of":"2026-06-23","description":"A CWE-502: Deserialization of Untrusted Data vulnerability exists in the Dashboard module that could cause an interpretation of malicious payload data, potentially leading to remote code execution when an attacker gets the user to open a malicious file. Affected Products: IGSS Data Server(IGSSdataServer.exe)(V16.0.0.23040 and prior), IGSS Dashboard(DashBoard.exe)(V16.0.0.23040 and prior), Custom Reports(RMS16.dll)(V16.0.0.23040 and prior).","published_at":"2023-03-21T00:00:00Z","last_modified_at":null,"cvss_v3_score":7.8,"cvss_v3_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss_v3_severity":"HIGH","cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":"none","ssvc_automatable":false,"ssvc_technical_impact":"total","cwes":["CWE-502"],"nvd_references":["https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-073-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-073-04.pdf"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-29T01:28:33.973490Z"},"effective_severity":"HIGH","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.1","metrics":[{"metric":"AV","name":"Attack Vector","value":"L","value_label":"Local"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"PR","name":"Privileges Required","value":"N","value_label":"None"},{"metric":"UI","name":"User Interaction","value":"R","value_label":"Required"},{"metric":"S","name":"Scope","value":"U","value_label":"Unchanged"},{"metric":"C","name":"Confidentiality","value":"H","value_label":"High"},{"metric":"I","name":"Integrity","value":"H","value_label":"High"},{"metric":"A","name":"Availability","value":"H","value_label":"High"}]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"schneider-electric","vendor_name":"Schneider Electric","product_slug":"custom-reports-rms16.dll","product_name":"Custom Reports (RMS16.dll)","version_start":"V","version_start_inclusive":true,"version_end":"16.0.0.23040","version_end_inclusive":true,"cpe23_uri":"cve5:schneider-electric:custom-reports-rms16.dll:V:16.0.0.23040"},{"vendor_slug":"schneider-electric","vendor_name":"Schneider Electric","product_slug":"igss-dashboard-dashboard.exe","product_name":"IGSS Dashboard (DashBoard.exe)","version_start":"V","version_start_inclusive":true,"version_end":"16.0.0.23040","version_end_inclusive":true,"cpe23_uri":"cve5:schneider-electric:igss-dashboard-dashboard.exe:V:16.0.0.23040"},{"vendor_slug":"schneider-electric","vendor_name":"Schneider Electric","product_slug":"igss-data-server-igssdataserver.exe","product_name":"IGSS Data Server(IGSSdataServer.exe)","version_start":"V","version_start_inclusive":true,"version_end":"16.0.0.23040","version_end_inclusive":true,"cpe23_uri":"cve5:schneider-electric:igss-data-server-igssdataserver.exe:V:16.0.0.23040"}],"exploit_refs":[],"news":[],"references":[{"url":"https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-073-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-073-04.pdf","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2023-03-21T00:00:00Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T17:27:27.289124Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:27:27.289124Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:27:27.289124Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"ssvc_changed","at":"2026-06-29T01:28:33.973490Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T01:28:33.973490Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T01:28:33.973490Z","label":"SSVC decision revised","source":"vulnrichment"}]}