Skip to main content
Skip table of contents

ISN 2021-08: ICG Authentication Vulnerability

First published 17 November 2021

CVSS 3.1 Base Score: 10.0 (Critical)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Summary

A critical security vulnerability affects IGEL Cloud Gateway (ICG) in the following versions:

  • All ICG versions before 2.04.100

Details

A penetration test has found an authentication vulnerability in ICG. It could enable an unauthenticated remote attacker to send commands and settings to connected IGEL OS endpoints.

IGEL would like to thank SCHUTZWERK GmbH, who discovered the vulnerability.

Update Instructions

  • Update to ICG 2.04.100.
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close